
<!DOCTYPE HTML>
<html lang="zh-hans" >
    <head>
        <meta charset="UTF-8">
        <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
        <title>Kube Proxy Iptables · 这是程序员吗</title>
        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
        <meta name="description" content="">
        <meta name="generator" content="GitBook 3.2.3">
        <meta name="author" content="xishengcai">
        
        
    
    
    <link rel="stylesheet" href="../../../gitbook/style.css">

    
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-expandable-chapters/expandable-chapters.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-toggle-chapters/toggle.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-search-plus/search.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-disqus/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-prism/prism-base16-ateliersulphurpool.light.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-advanced-emoji/emoji-website.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-anchors/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-emphasize/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-katex/katex.min.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-splitter/splitter.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-mermaid-gb3/mermaid/mermaid.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-tbfed-pagefooter/footer.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-expandable-chapters-small/expandable-chapters-small.css">
                
            
                
                <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-sectionx/sectionx.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-donate/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-local-video/video-js.min.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-anchor-navigation-ex/style/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-terminal/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-alerts/style.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-versions-select/plugin.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-fontsettings/website.css">
                
            
                
                <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-theme-comscore/test.css">
                
            
        

    

    
        
    
        
    
        
    
        
    
        
    
        
    


    

        
    
    
    
    
    
    
    <meta name="HandheldFriendly" content="true"/>
    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="black">
    <link rel="apple-touch-icon-precomposed" sizes="152x152" href="../../../gitbook/images/apple-touch-icon-precomposed-152.png">
    <link rel="shortcut icon" href="../../../gitbook/images/favicon.ico" type="image/x-icon">

    
    <link rel="next" href="kube-proxy-ipvs.html" />
    
    
    <link rel="prev" href="job.html" />
    

    
    <link rel="stylesheet" href="../../../gitbook/gitbook-plugin-chart/c3/c3.min.css">
    <script src="../../../gitbook/gitbook-plugin-chart/c3/d3.min.js"></script>
    <script src="../../../gitbook/gitbook-plugin-chart/c3/c3.min.js"></script>
    

    <script src="../../../gitbook/gitbook-plugin-graph/d3.min.js"></script>
    <script src="../../../gitbook/gitbook-plugin-graph/function-plot.js"></script>    

    
        <link rel="shortcut icon" href='../../../favicon.ico' type="image/x-icon">
    
    
        <link rel="bookmark" href='../../../favicon.ico' type="image/x-icon">
    
    
    

    <style>
    @media only screen and (max-width: 640px) {
        .book-header .hidden-mobile {
            display: none;
        }
    }
    </style>
    <script>
        window["gitbook-plugin-github-buttons"] = {"repo":"xishengcai/xisheng.blog","types":["star"],"size":"small"};
    </script>

    </head>
    <body>
        
<div class="book">
    <div class="book-summary">
        
            
<div id="book-search-input" role="search">
    <input type="text" placeholder="输入并搜索" />
</div>

            
                <nav role="navigation">
                


<ul class="summary">
    
    
    
        
        <li>
            <a href="https://xisheng.vip" target="_blank" class="custom-link">Home</a>
        </li>
    
    

    
    <li class="divider"></li>
    

    
        
        <li class="header">Blog</li>
        
        
    
        <li class="chapter " data-level="1.1" data-path="../../../">
            
                <a href="../../../">
            
                    
                        <b>1.1.</b>
                    
                    Introduction
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2" data-path="../../algorithm/">
            
                <a href="../../algorithm/">
            
                    
                        <b>1.2.</b>
                    
                    Algorithm
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.2.1" data-path="../../algorithm/heap.html">
            
                <a href="../../algorithm/heap.html">
            
                    
                        <b>1.2.1.</b>
                    
                    Heap
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2.2" data-path="../../algorithm/readme.html">
            
                <a href="../../algorithm/readme.html">
            
                    
                        <b>1.2.2.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.3" data-path="../../angular/">
            
                <a href="../../angular/">
            
                    
                        <b>1.3.</b>
                    
                    Angular
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.3.1" data-path="../../angular/1-start.html">
            
                <a href="../../angular/1-start.html">
            
                    
                        <b>1.3.1.</b>
                    
                    Start
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.2" data-path="../../angular/2-component.html">
            
                <a href="../../angular/2-component.html">
            
                    
                        <b>1.3.2.</b>
                    
                    Component
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.3" data-path="../../angular/3-form.html">
            
                <a href="../../angular/3-form.html">
            
                    
                        <b>1.3.3.</b>
                    
                    Form
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.4" data-path="../../angular/readme.html">
            
                <a href="../../angular/readme.html">
            
                    
                        <b>1.3.4.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.4" data-path="../../database/">
            
                <a href="../../database/">
            
                    
                        <b>1.4.</b>
                    
                    Database
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.4.1" data-path="../../database/mongodb.html">
            
                <a href="../../database/mongodb.html">
            
                    
                        <b>1.4.1.</b>
                    
                    Mongodb
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.2" data-path="../../database/readme.html">
            
                <a href="../../database/readme.html">
            
                    
                        <b>1.4.2.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.5" data-path="../../docker/">
            
                <a href="../../docker/">
            
                    
                        <b>1.5.</b>
                    
                    Docker
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.5.1" data-path="../../docker/CentOS.html">
            
                <a href="../../docker/CentOS.html">
            
                    
                        <b>1.5.1.</b>
                    
                    CentOS
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.5.2" data-path="../../docker/install.html">
            
                <a href="../../docker/install.html">
            
                    
                        <b>1.5.2.</b>
                    
                    Install
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.5.3" data-path="../../docker/readme.html">
            
                <a href="../../docker/readme.html">
            
                    
                        <b>1.5.3.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.5.4" data-path="../../docker/官方shell.html">
            
                <a href="../../docker/官方shell.html">
            
                    
                        <b>1.5.4.</b>
                    
                    官方Shell
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.6" data-path="../../golang/">
            
                <a href="../../golang/">
            
                    
                        <b>1.6.</b>
                    
                    Golang
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.6.1" data-path="../../golang/aop.html">
            
                <a href="../../golang/aop.html">
            
                    
                        <b>1.6.1.</b>
                    
                    Aop
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.2" data-path="../../golang/base/">
            
                <a href="../../golang/base/">
            
                    
                        <b>1.6.2.</b>
                    
                    Base
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.6.2.1" data-path="../../golang/base/copy.html">
            
                <a href="../../golang/base/copy.html">
            
                    
                        <b>1.6.2.1.</b>
                    
                    Copy
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.2.2" data-path="../../golang/base/new_and_make.html">
            
                <a href="../../golang/base/new_and_make.html">
            
                    
                        <b>1.6.2.2.</b>
                    
                    New And Make
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.2.3" data-path="../../golang/base/readme.html">
            
                <a href="../../golang/base/readme.html">
            
                    
                        <b>1.6.2.3.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.2.4" data-path="../../golang/base/reflect.html">
            
                <a href="../../golang/base/reflect.html">
            
                    
                        <b>1.6.2.4.</b>
                    
                    Reflect
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.2.5" data-path="../../golang/base/string.html">
            
                <a href="../../golang/base/string.html">
            
                    
                        <b>1.6.2.5.</b>
                    
                    String
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.2.6" data-path="../../golang/base/tag.html">
            
                <a href="../../golang/base/tag.html">
            
                    
                        <b>1.6.2.6.</b>
                    
                    Tag
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.6.3" data-path="../../golang/clouser.html">
            
                <a href="../../golang/clouser.html">
            
                    
                        <b>1.6.3.</b>
                    
                    Clouser
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.4" data-path="../../golang/err 优雅处理.html">
            
                <a href="../../golang/err 优雅处理.html">
            
                    
                        <b>1.6.4.</b>
                    
                    Err 优雅处理
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.5" data-path="../../golang/go module 2.html">
            
                <a href="../../golang/go module 2.html">
            
                    
                        <b>1.6.5.</b>
                    
                    Go Module 2
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.6" data-path="../../golang/go_mod.html">
            
                <a href="../../golang/go_mod.html">
            
                    
                        <b>1.6.6.</b>
                    
                    Go Mod
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.7" data-path="../../golang/gocraftwork.html">
            
                <a href="../../golang/gocraftwork.html">
            
                    
                        <b>1.6.7.</b>
                    
                    Gocraftwork
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.8" data-path="../../golang/oauth.html">
            
                <a href="../../golang/oauth.html">
            
                    
                        <b>1.6.8.</b>
                    
                    Oauth
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.9" data-path="../../golang/readme.html">
            
                <a href="../../golang/readme.html">
            
                    
                        <b>1.6.9.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.10" data-path="../../golang/swagger.html">
            
                <a href="../../golang/swagger.html">
            
                    
                        <b>1.6.10.</b>
                    
                    Swagger
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.11" data-path="../../golang/tls.html">
            
                <a href="../../golang/tls.html">
            
                    
                        <b>1.6.11.</b>
                    
                    Tls
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.12" >
            
                <span>
            
                    
                        <b>1.6.12.</b>
                    
                    代码走读
            
                </span>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.6.12.1" data-path="../../golang/代码走读/2020.5.26.html">
            
                <a href="../../golang/代码走读/2020.5.26.html">
            
                    
                        <b>1.6.12.1.</b>
                    
                    2020.5.26
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.6.13" data-path="../../golang/任务队列/">
            
                <a href="../../golang/任务队列/">
            
                    
                        <b>1.6.13.</b>
                    
                    任务队列
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.6.13.1" data-path="../../golang/任务队列/gocraft-worker.html">
            
                <a href="../../golang/任务队列/gocraft-worker.html">
            
                    
                        <b>1.6.13.1.</b>
                    
                    Gocraft Worker
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.6.13.2" data-path="../../golang/任务队列/readme.html">
            
                <a href="../../golang/任务队列/readme.html">
            
                    
                        <b>1.6.13.2.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.6.14" data-path="../../golang/参数校验.html">
            
                <a href="../../golang/参数校验.html">
            
                    
                        <b>1.6.14.</b>
                    
                    参数校验
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.7" data-path="../../istio/">
            
                <a href="../../istio/">
            
                    
                        <b>1.7.</b>
                    
                    Istio
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.7.1" data-path="../../istio/readme.html">
            
                <a href="../../istio/readme.html">
            
                    
                        <b>1.7.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.7.2" data-path="../../istio/virtualservice.html">
            
                <a href="../../istio/virtualservice.html">
            
                    
                        <b>1.7.2.</b>
                    
                    Virtualservice
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.8" >
            
                <span>
            
                    
                        <b>1.8.</b>
                    
                    Java
            
                </span>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.8.1" data-path="../../java/jvm.html">
            
                <a href="../../java/jvm.html">
            
                    
                        <b>1.8.1.</b>
                    
                    Jvm
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.8.2" data-path="../../java/typescript.html">
            
                <a href="../../java/typescript.html">
            
                    
                        <b>1.8.2.</b>
                    
                    Typescript
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9" data-path="../">
            
                <a href="../">
            
                    
                        <b>1.9.</b>
                    
                    Kubernetes
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.1" data-path="../APIService.html">
            
                <a href="../APIService.html">
            
                    
                        <b>1.9.1.</b>
                    
                    APIService
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.2" data-path="../CAK.html">
            
                <a href="../CAK.html">
            
                    
                        <b>1.9.2.</b>
                    
                    CAK
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.3" data-path="../Deployment 的实现原理.html">
            
                <a href="../Deployment 的实现原理.html">
            
                    
                        <b>1.9.3.</b>
                    
                    Deployment 的实现原理
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4" data-path="./">
            
                <a href="./">
            
                    
                        <b>1.9.4.</b>
                    
                    K8s源码
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.4.1" data-path="calico 源码分析.html">
            
                <a href="calico 源码分析.html">
            
                    
                        <b>1.9.4.1.</b>
                    
                    Calico 源码分析
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.2" data-path="garbage collector controller 源码分析.html">
            
                <a href="garbage collector controller 源码分析.html">
            
                    
                        <b>1.9.4.2.</b>
                    
                    Garbage Collector Controller 源码分析
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.3" data-path="job.html">
            
                <a href="job.html">
            
                    
                        <b>1.9.4.3.</b>
                    
                    Job
            
                </a>
            

            
        </li>
    
        <li class="chapter active" data-level="1.9.4.4" data-path="kube-proxy-iptables.html">
            
                <a href="kube-proxy-iptables.html">
            
                    
                        <b>1.9.4.4.</b>
                    
                    Kube Proxy Iptables
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.5" data-path="kube-proxy-ipvs.html">
            
                <a href="kube-proxy-ipvs.html">
            
                    
                        <b>1.9.4.5.</b>
                    
                    Kube Proxy Ipvs
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.6" data-path="kube-proxy.html">
            
                <a href="kube-proxy.html">
            
                    
                        <b>1.9.4.6.</b>
                    
                    Kube Proxy
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.7" data-path="kubectl-exec.html">
            
                <a href="kubectl-exec.html">
            
                    
                        <b>1.9.4.7.</b>
                    
                    Kubectl Exec
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.8" data-path="kubectl源码阅读1.html">
            
                <a href="kubectl源码阅读1.html">
            
                    
                        <b>1.9.4.8.</b>
                    
                    Kubectl源码阅读1
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.9" data-path="kubectl源码阅读2.html">
            
                <a href="kubectl源码阅读2.html">
            
                    
                        <b>1.9.4.9.</b>
                    
                    Kubectl源码阅读2
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.10" data-path="readme.html">
            
                <a href="readme.html">
            
                    
                        <b>1.9.4.10.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.11" data-path="schedule.html">
            
                <a href="schedule.html">
            
                    
                        <b>1.9.4.11.</b>
                    
                    Schedule
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.12" data-path="scheme.html">
            
                <a href="scheme.html">
            
                    
                        <b>1.9.4.12.</b>
                    
                    Scheme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.4.13" data-path="调度队列.html">
            
                <a href="调度队列.html">
            
                    
                        <b>1.9.4.13.</b>
                    
                    调度队列
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.5" data-path="../Karmada.html">
            
                <a href="../Karmada.html">
            
                    
                        <b>1.9.5.</b>
                    
                    Karmada
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.6" data-path="../Pixie.html">
            
                <a href="../Pixie.html">
            
                    
                        <b>1.9.6.</b>
                    
                    Pixie
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.7" data-path="../admission access.html">
            
                <a href="../admission access.html">
            
                    
                        <b>1.9.7.</b>
                    
                    Admission Access
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.8" data-path="../ccm.html">
            
                <a href="../ccm.html">
            
                    
                        <b>1.9.8.</b>
                    
                    Ccm
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.9" data-path="../client-go.html">
            
                <a href="../client-go.html">
            
                    
                        <b>1.9.9.</b>
                    
                    Client Go
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.10" data-path="../command.html">
            
                <a href="../command.html">
            
                    
                        <b>1.9.10.</b>
                    
                    Command
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.11" data-path="../controller.html">
            
                <a href="../controller.html">
            
                    
                        <b>1.9.11.</b>
                    
                    Controller
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.12" data-path="../copy docker config.html">
            
                <a href="../copy docker config.html">
            
                    
                        <b>1.9.12.</b>
                    
                    Copy Docker Config
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.13" data-path="../etcd-operation.html">
            
                <a href="../etcd-operation.html">
            
                    
                        <b>1.9.13.</b>
                    
                    Etcd Operation
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.14" data-path="../gc.html">
            
                <a href="../gc.html">
            
                    
                        <b>1.9.14.</b>
                    
                    Gc
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.15" data-path="../helm chart.html">
            
                <a href="../helm chart.html">
            
                    
                        <b>1.9.15.</b>
                    
                    Helm Chart
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.16" data-path="../helm.html">
            
                <a href="../helm.html">
            
                    
                        <b>1.9.16.</b>
                    
                    Helm
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.17" >
            
                <span>
            
                    
                        <b>1.9.17.</b>
                    
                    Helm
            
                </span>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.17.1" data-path="../helm/charts.html">
            
                <a href="../helm/charts.html">
            
                    
                        <b>1.9.17.1.</b>
                    
                    Charts
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.17.2" data-path="../helm/helm 钩子函数.html">
            
                <a href="../helm/helm 钩子函数.html">
            
                    
                        <b>1.9.17.2.</b>
                    
                    Helm 钩子函数
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.17.3" data-path="../helm/helm-operator.html">
            
                <a href="../helm/helm-operator.html">
            
                    
                        <b>1.9.17.3.</b>
                    
                    Helm Operator
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.17.4" data-path="../helm/文档查询.html">
            
                <a href="../helm/文档查询.html">
            
                    
                        <b>1.9.17.4.</b>
                    
                    文档查询
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.17.5" data-path="../helm/语法.html">
            
                <a href="../helm/语法.html">
            
                    
                        <b>1.9.17.5.</b>
                    
                    语法
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.18" data-path="../install.html">
            
                <a href="../install.html">
            
                    
                        <b>1.9.18.</b>
                    
                    Install
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.19" data-path="../istio-inject.html">
            
                <a href="../istio-inject.html">
            
                    
                        <b>1.9.19.</b>
                    
                    Istio Inject
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.20" >
            
                <span>
            
                    
                        <b>1.9.20.</b>
                    
                    KubeEdge
            
                </span>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.21" data-path="../kuber-apiserver-flag.html">
            
                <a href="../kuber-apiserver-flag.html">
            
                    
                        <b>1.9.21.</b>
                    
                    Kuber Apiserver Flag
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.22" data-path="../kubernetes-client.html">
            
                <a href="../kubernetes-client.html">
            
                    
                        <b>1.9.22.</b>
                    
                    Kubernetes Client
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.23" data-path="../kubernetes灾备.html">
            
                <a href="../kubernetes灾备.html">
            
                    
                        <b>1.9.23.</b>
                    
                    Kubernetes灾备
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.24" data-path="../kubesphere/">
            
                <a href="../kubesphere/">
            
                    
                        <b>1.9.24.</b>
                    
                    Kubesphere
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.24.1" data-path="../kubesphere/helm.html">
            
                <a href="../kubesphere/helm.html">
            
                    
                        <b>1.9.24.1.</b>
                    
                    Helm
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.24.2" data-path="../kubesphere/readme.html">
            
                <a href="../kubesphere/readme.html">
            
                    
                        <b>1.9.24.2.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.25" data-path="../kubevela/">
            
                <a href="../kubevela/">
            
                    
                        <b>1.9.25.</b>
                    
                    Kubevela
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.25.1" data-path="../kubevela/KubeVela 功能.html">
            
                <a href="../kubevela/KubeVela 功能.html">
            
                    
                        <b>1.9.25.1.</b>
                    
                    KubeVela 功能
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.2" data-path="../kubevela/cue.html">
            
                <a href="../kubevela/cue.html">
            
                    
                        <b>1.9.25.2.</b>
                    
                    Cue
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.3" data-path="../kubevela/oam.html">
            
                <a href="../kubevela/oam.html">
            
                    
                        <b>1.9.25.3.</b>
                    
                    Oam
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.4" data-path="../kubevela/readme.html">
            
                <a href="../kubevela/readme.html">
            
                    
                        <b>1.9.25.4.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.5" data-path="../kubevela/rollout design.html">
            
                <a href="../kubevela/rollout design.html">
            
                    
                        <b>1.9.25.5.</b>
                    
                    Rollout Design
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.6" data-path="../kubevela/vela run.html">
            
                <a href="../kubevela/vela run.html">
            
                    
                        <b>1.9.25.6.</b>
                    
                    Vela Run
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.7" data-path="../kubevela/vela up.html">
            
                <a href="../kubevela/vela up.html">
            
                    
                        <b>1.9.25.7.</b>
                    
                    Vela Up
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.8" data-path="../kubevela/vela-cluster.html">
            
                <a href="../kubevela/vela-cluster.html">
            
                    
                        <b>1.9.25.8.</b>
                    
                    Vela Cluster
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.9" data-path="../kubevela/vela-helm.html">
            
                <a href="../kubevela/vela-helm.html">
            
                    
                        <b>1.9.25.9.</b>
                    
                    Vela Helm
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.25.10" data-path="../kubevela/vela-pk-oam.html">
            
                <a href="../kubevela/vela-pk-oam.html">
            
                    
                        <b>1.9.25.10.</b>
                    
                    Vela Pk Oam
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.26" data-path="../mk-cert.html">
            
                <a href="../mk-cert.html">
            
                    
                        <b>1.9.26.</b>
                    
                    Mk Cert
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.27" data-path="../open_swagger-ui.html">
            
                <a href="../open_swagger-ui.html">
            
                    
                        <b>1.9.27.</b>
                    
                    Open Swagger Ui
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.28" data-path="../readme.html">
            
                <a href="../readme.html">
            
                    
                        <b>1.9.28.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29" data-path="../task/">
            
                <a href="../task/">
            
                    
                        <b>1.9.29.</b>
                    
                    Task
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.29.1" data-path="../task/HPA.html">
            
                <a href="../task/HPA.html">
            
                    
                        <b>1.9.29.1.</b>
                    
                    HPA
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.2" data-path="../task/kubectl patch.html">
            
                <a href="../task/kubectl patch.html">
            
                    
                        <b>1.9.29.2.</b>
                    
                    Kubectl Patch
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.3" data-path="../task/pod 信息注入.html">
            
                <a href="../task/pod 信息注入.html">
            
                    
                        <b>1.9.29.3.</b>
                    
                    Pod 信息注入
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.4" data-path="../task/pod 垂直扩缩容.html">
            
                <a href="../task/pod 垂直扩缩容.html">
            
                    
                        <b>1.9.29.4.</b>
                    
                    Pod 垂直扩缩容
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.5" data-path="../task/readme.html">
            
                <a href="../task/readme.html">
            
                    
                        <b>1.9.29.5.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.6" data-path="../task/server-side-apply.html">
            
                <a href="../task/server-side-apply.html">
            
                    
                        <b>1.9.29.6.</b>
                    
                    Server Side Apply
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.7" data-path="../task/准入控制.html">
            
                <a href="../task/准入控制.html">
            
                    
                        <b>1.9.29.7.</b>
                    
                    准入控制
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.8" data-path="../task/聚合api.html">
            
                <a href="../task/聚合api.html">
            
                    
                        <b>1.9.29.8.</b>
                    
                    聚合Api
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.29.9" data-path="../task/资源预留配置.html">
            
                <a href="../task/资源预留配置.html">
            
                    
                        <b>1.9.29.9.</b>
                    
                    资源预留配置
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.30" data-path="../webhook.html">
            
                <a href="../webhook.html">
            
                    
                        <b>1.9.30.</b>
                    
                    Webhook
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.31" data-path="../一致性认证.html">
            
                <a href="../一致性认证.html">
            
                    
                        <b>1.9.31.</b>
                    
                    一致性认证
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.32" data-path="../专利名词.html">
            
                <a href="../专利名词.html">
            
                    
                        <b>1.9.32.</b>
                    
                    专利名词
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.33" data-path="../删除namespace.html">
            
                <a href="../删除namespace.html">
            
                    
                        <b>1.9.33.</b>
                    
                    删除Namespace
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.34" data-path="../简化多集群.html">
            
                <a href="../简化多集群.html">
            
                    
                        <b>1.9.34.</b>
                    
                    简化多集群
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.35" data-path="../网络插件/">
            
                <a href="../网络插件/">
            
                    
                        <b>1.9.35.</b>
                    
                    网络插件
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.35.1" data-path="../网络插件/calico.html">
            
                <a href="../网络插件/calico.html">
            
                    
                        <b>1.9.35.1.</b>
                    
                    Calico
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.35.2" data-path="../网络插件/cilium.html">
            
                <a href="../网络插件/cilium.html">
            
                    
                        <b>1.9.35.2.</b>
                    
                    Cilium
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.35.3" data-path="../网络插件/ebpf.html">
            
                <a href="../网络插件/ebpf.html">
            
                    
                        <b>1.9.35.3.</b>
                    
                    Ebpf
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.35.4" data-path="../网络插件/readme.html">
            
                <a href="../网络插件/readme.html">
            
                    
                        <b>1.9.35.4.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.36" data-path="../镜像/">
            
                <a href="../镜像/">
            
                    
                        <b>1.9.36.</b>
                    
                    镜像
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.36.1" data-path="../镜像/Containerd Stargz Snapshotter.html">
            
                <a href="../镜像/Containerd Stargz Snapshotter.html">
            
                    
                        <b>1.9.36.1.</b>
                    
                    Containerd Stargz Snapshotter
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.36.2" data-path="../镜像/OCI.html">
            
                <a href="../镜像/OCI.html">
            
                    
                        <b>1.9.36.2.</b>
                    
                    OCI
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.36.3" data-path="../镜像/harbor/">
            
                <a href="../镜像/harbor/">
            
                    
                        <b>1.9.36.3.</b>
                    
                    Harbor
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.9.36.3.1" data-path="../镜像/harbor/readme.html">
            
                <a href="../镜像/harbor/readme.html">
            
                    
                        <b>1.9.36.3.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.9.36.4" data-path="../镜像/readme.html">
            
                <a href="../镜像/readme.html">
            
                    
                        <b>1.9.36.4.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.36.5" data-path="../镜像/自动构建镜像.html">
            
                <a href="../镜像/自动构建镜像.html">
            
                    
                        <b>1.9.36.5.</b>
                    
                    自动构建镜像
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.36.6" data-path="../镜像/镜像加速方案.html">
            
                <a href="../镜像/镜像加速方案.html">
            
                    
                        <b>1.9.36.6.</b>
                    
                    镜像加速方案
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.9.36.7" data-path="../镜像/镜像延迟加载技术解析.html">
            
                <a href="../镜像/镜像延迟加载技术解析.html">
            
                    
                        <b>1.9.36.7.</b>
                    
                    镜像延迟加载技术解析
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.10" data-path="../../math/">
            
                <a href="../../math/">
            
                    
                        <b>1.10.</b>
                    
                    Math
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.10.1" data-path="../../math/readme.html">
            
                <a href="../../math/readme.html">
            
                    
                        <b>1.10.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.10.2" data-path="../../math/泊松分布.html">
            
                <a href="../../math/泊松分布.html">
            
                    
                        <b>1.10.2.</b>
                    
                    泊松分布
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.11" data-path="../../效率/">
            
                <a href="../../效率/">
            
                    
                        <b>1.11.</b>
                    
                    效率
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.11.1" data-path="../../效率/cat.html">
            
                <a href="../../效率/cat.html">
            
                    
                        <b>1.11.1.</b>
                    
                    Cat
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.2" data-path="../../效率/docker volume clean.html">
            
                <a href="../../效率/docker volume clean.html">
            
                    
                        <b>1.11.2.</b>
                    
                    Docker Volume Clean
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.3" data-path="../../效率/git book.html">
            
                <a href="../../效率/git book.html">
            
                    
                        <b>1.11.3.</b>
                    
                    Git Book
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.4" data-path="../../效率/git.html">
            
                <a href="../../效率/git.html">
            
                    
                        <b>1.11.4.</b>
                    
                    Git
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.5" data-path="../../效率/linux command.html">
            
                <a href="../../效率/linux command.html">
            
                    
                        <b>1.11.5.</b>
                    
                    Linux Command
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.6" data-path="../../效率/linux 内核.html">
            
                <a href="../../效率/linux 内核.html">
            
                    
                        <b>1.11.6.</b>
                    
                    Linux 内核
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.7" data-path="../../效率/macos path.html">
            
                <a href="../../效率/macos path.html">
            
                    
                        <b>1.11.7.</b>
                    
                    Macos Path
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.8" data-path="../../效率/nfs.html">
            
                <a href="../../效率/nfs.html">
            
                    
                        <b>1.11.8.</b>
                    
                    Nfs
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.9" data-path="../../效率/nginx.html">
            
                <a href="../../效率/nginx.html">
            
                    
                        <b>1.11.9.</b>
                    
                    Nginx
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.10" data-path="../../效率/nginx2.html">
            
                <a href="../../效率/nginx2.html">
            
                    
                        <b>1.11.10.</b>
                    
                    Nginx2
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.11" data-path="../../效率/oauth2.html">
            
                <a href="../../效率/oauth2.html">
            
                    
                        <b>1.11.11.</b>
                    
                    Oauth2
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.12" data-path="../../效率/ovftool.html">
            
                <a href="../../效率/ovftool.html">
            
                    
                        <b>1.11.12.</b>
                    
                    Ovftool
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.13" data-path="../../效率/readme.html">
            
                <a href="../../效率/readme.html">
            
                    
                        <b>1.11.13.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.14" data-path="../../效率/sed.html">
            
                <a href="../../效率/sed.html">
            
                    
                        <b>1.11.14.</b>
                    
                    Sed
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.15" data-path="../../效率/shell_judge.html">
            
                <a href="../../效率/shell_judge.html">
            
                    
                        <b>1.11.15.</b>
                    
                    Shell Judge
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.16" data-path="../../效率/sshpass.html">
            
                <a href="../../效率/sshpass.html">
            
                    
                        <b>1.11.16.</b>
                    
                    Sshpass
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.17" data-path="../../效率/telepresence.html">
            
                <a href="../../效率/telepresence.html">
            
                    
                        <b>1.11.17.</b>
                    
                    Telepresence
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.18" data-path="../../效率/typora.html">
            
                <a href="../../效率/typora.html">
            
                    
                        <b>1.11.18.</b>
                    
                    Typora
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.19" data-path="../../效率/url encode.html">
            
                <a href="../../效率/url encode.html">
            
                    
                        <b>1.11.19.</b>
                    
                    Url Encode
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.20" data-path="../../效率/vim.html">
            
                <a href="../../效率/vim.html">
            
                    
                        <b>1.11.20.</b>
                    
                    Vim
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.21" data-path="../../效率/yum.html">
            
                <a href="../../效率/yum.html">
            
                    
                        <b>1.11.21.</b>
                    
                    Yum
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.22" data-path="../../效率/内网穿透.html">
            
                <a href="../../效率/内网穿透.html">
            
                    
                        <b>1.11.22.</b>
                    
                    内网穿透
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.23" data-path="../../效率/科学上网.html">
            
                <a href="../../效率/科学上网.html">
            
                    
                        <b>1.11.23.</b>
                    
                    科学上网
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.11.24" data-path="../../效率/证书制作.html">
            
                <a href="../../效率/证书制作.html">
            
                    
                        <b>1.11.24.</b>
                    
                    证书制作
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.12" >
            
                <span>
            
                    
                        <b>1.12.</b>
                    
                    杂谈
            
                </span>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.12.1" data-path="../../杂谈/论好文章和烂文章.html">
            
                <a href="../../杂谈/论好文章和烂文章.html">
            
                    
                        <b>1.12.1.</b>
                    
                    论好文章和烂文章
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.13" data-path="../../测试/">
            
                <a href="../../测试/">
            
                    
                        <b>1.13.</b>
                    
                    测试
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.13.1" data-path="../../测试/ginkgo/">
            
                <a href="../../测试/ginkgo/">
            
                    
                        <b>1.13.1.</b>
                    
                    Ginkgo
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.13.1.1" data-path="../../测试/ginkgo/ginkgo.html">
            
                <a href="../../测试/ginkgo/ginkgo.html">
            
                    
                        <b>1.13.1.1.</b>
                    
                    Ginkgo
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.1.2" data-path="../../测试/ginkgo/ginkgo_cmd.html">
            
                <a href="../../测试/ginkgo/ginkgo_cmd.html">
            
                    
                        <b>1.13.1.2.</b>
                    
                    Ginkgo Cmd
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.1.3" data-path="../../测试/ginkgo/readme.html">
            
                <a href="../../测试/ginkgo/readme.html">
            
                    
                        <b>1.13.1.3.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.13.2" data-path="../../测试/golang-test.html">
            
                <a href="../../测试/golang-test.html">
            
                    
                        <b>1.13.2.</b>
                    
                    Golang Test
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.3" data-path="../../测试/http测试.html">
            
                <a href="../../测试/http测试.html">
            
                    
                        <b>1.13.3.</b>
                    
                    Http测试
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.4" data-path="../../测试/readme.html">
            
                <a href="../../测试/readme.html">
            
                    
                        <b>1.13.4.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.5" data-path="../../测试/其他功能.html">
            
                <a href="../../测试/其他功能.html">
            
                    
                        <b>1.13.5.</b>
                    
                    其他功能
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.6" data-path="../../测试/单元测试.html">
            
                <a href="../../测试/单元测试.html">
            
                    
                        <b>1.13.6.</b>
                    
                    单元测试
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.7" data-path="../../测试/单元测试2.html">
            
                <a href="../../测试/单元测试2.html">
            
                    
                        <b>1.13.7.</b>
                    
                    单元测试2
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.8" data-path="../../测试/基准测试.html">
            
                <a href="../../测试/基准测试.html">
            
                    
                        <b>1.13.8.</b>
                    
                    基准测试
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.9" data-path="../../测试/子测试与子基准测试.html">
            
                <a href="../../测试/子测试与子基准测试.html">
            
                    
                        <b>1.13.9.</b>
                    
                    子测试与子基准测试
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.10" data-path="../../测试/并行测试.html">
            
                <a href="../../测试/并行测试.html">
            
                    
                        <b>1.13.10.</b>
                    
                    并行测试
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.11" data-path="../../测试/质量检查/">
            
                <a href="../../测试/质量检查/">
            
                    
                        <b>1.13.11.</b>
                    
                    质量检查
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.13.11.1" data-path="../../测试/质量检查/Sonar.html">
            
                <a href="../../测试/质量检查/Sonar.html">
            
                    
                        <b>1.13.11.1.</b>
                    
                    Sonar
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.11.2" data-path="../../测试/质量检查/go_lint.html">
            
                <a href="../../测试/质量检查/go_lint.html">
            
                    
                        <b>1.13.11.2.</b>
                    
                    Go Lint
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.13.11.3" data-path="../../测试/质量检查/readme.html">
            
                <a href="../../测试/质量检查/readme.html">
            
                    
                        <b>1.13.11.3.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.14" data-path="../../规范/">
            
                <a href="../../规范/">
            
                    
                        <b>1.14.</b>
                    
                    规范
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.14.1" data-path="../../规范/CodeReviewComments.html">
            
                <a href="../../规范/CodeReviewComments.html">
            
                    
                        <b>1.14.1.</b>
                    
                    CodeReviewComments
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.14.2" data-path="../../规范/git规范.html">
            
                <a href="../../规范/git规范.html">
            
                    
                        <b>1.14.2.</b>
                    
                    Git规范
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.14.3" data-path="../../规范/golang 代码规范.html">
            
                <a href="../../规范/golang 代码规范.html">
            
                    
                        <b>1.14.3.</b>
                    
                    Golang 代码规范
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.14.4" data-path="../../规范/readme.html">
            
                <a href="../../规范/readme.html">
            
                    
                        <b>1.14.4.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.14.5" data-path="../../规范/代码走读.html">
            
                <a href="../../规范/代码走读.html">
            
                    
                        <b>1.14.5.</b>
                    
                    代码走读
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.15" data-path="../../设计模式/">
            
                <a href="../../设计模式/">
            
                    
                        <b>1.15.</b>
                    
                    设计模式
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.15.1" data-path="../../设计模式/readme.html">
            
                <a href="../../设计模式/readme.html">
            
                    
                        <b>1.15.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2" data-path="../../设计模式/创建模型/">
            
                <a href="../../设计模式/创建模型/">
            
                    
                        <b>1.15.2.</b>
                    
                    创建模型
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.15.2.1" data-path="../../设计模式/创建模型/readme.html">
            
                <a href="../../设计模式/创建模型/readme.html">
            
                    
                        <b>1.15.2.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2.2" data-path="../../设计模式/创建模型/创建者模型.html">
            
                <a href="../../设计模式/创建模型/创建者模型.html">
            
                    
                        <b>1.15.2.2.</b>
                    
                    创建者模型
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2.3" data-path="../../设计模式/创建模型/单例模式.html">
            
                <a href="../../设计模式/创建模型/单例模式.html">
            
                    
                        <b>1.15.2.3.</b>
                    
                    单例模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2.4" data-path="../../设计模式/创建模型/原型模式.html">
            
                <a href="../../设计模式/创建模型/原型模式.html">
            
                    
                        <b>1.15.2.4.</b>
                    
                    原型模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2.5" data-path="../../设计模式/创建模型/工厂方法.html">
            
                <a href="../../设计模式/创建模型/工厂方法.html">
            
                    
                        <b>1.15.2.5.</b>
                    
                    工厂方法
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2.6" data-path="../../设计模式/创建模型/抽象工厂.html">
            
                <a href="../../设计模式/创建模型/抽象工厂.html">
            
                    
                        <b>1.15.2.6.</b>
                    
                    抽象工厂
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.2.7" data-path="../../设计模式/创建模型/简单工厂.html">
            
                <a href="../../设计模式/创建模型/简单工厂.html">
            
                    
                        <b>1.15.2.7.</b>
                    
                    简单工厂
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.15.3" data-path="../../设计模式/结构型模型/">
            
                <a href="../../设计模式/结构型模型/">
            
                    
                        <b>1.15.3.</b>
                    
                    结构型模型
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.15.3.1" data-path="../../设计模式/结构型模型/readme.html">
            
                <a href="../../设计模式/结构型模型/readme.html">
            
                    
                        <b>1.15.3.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.2" data-path="../../设计模式/结构型模型/享元模式.html">
            
                <a href="../../设计模式/结构型模型/享元模式.html">
            
                    
                        <b>1.15.3.2.</b>
                    
                    享元模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.3" data-path="../../设计模式/结构型模型/代理模式.html">
            
                <a href="../../设计模式/结构型模型/代理模式.html">
            
                    
                        <b>1.15.3.3.</b>
                    
                    代理模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.4" data-path="../../设计模式/结构型模型/外观模式.html">
            
                <a href="../../设计模式/结构型模型/外观模式.html">
            
                    
                        <b>1.15.3.4.</b>
                    
                    外观模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.5" data-path="../../设计模式/结构型模型/桥模式.html">
            
                <a href="../../设计模式/结构型模型/桥模式.html">
            
                    
                        <b>1.15.3.5.</b>
                    
                    桥模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.6" data-path="../../设计模式/结构型模型/组合模式.html">
            
                <a href="../../设计模式/结构型模型/组合模式.html">
            
                    
                        <b>1.15.3.6.</b>
                    
                    组合模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.7" data-path="../../设计模式/结构型模型/装饰模式.html">
            
                <a href="../../设计模式/结构型模型/装饰模式.html">
            
                    
                        <b>1.15.3.7.</b>
                    
                    装饰模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.3.8" data-path="../../设计模式/结构型模型/适配器模式.html">
            
                <a href="../../设计模式/结构型模型/适配器模式.html">
            
                    
                        <b>1.15.3.8.</b>
                    
                    适配器模式
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.15.4" data-path="../../设计模式/行为型模型/">
            
                <a href="../../设计模式/行为型模型/">
            
                    
                        <b>1.15.4.</b>
                    
                    行为型模型
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.15.4.1" data-path="../../设计模式/行为型模型/readme.html">
            
                <a href="../../设计模式/行为型模型/readme.html">
            
                    
                        <b>1.15.4.1.</b>
                    
                    Readme
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.2" data-path="../../设计模式/行为型模型/中介者模式.html">
            
                <a href="../../设计模式/行为型模型/中介者模式.html">
            
                    
                        <b>1.15.4.2.</b>
                    
                    中介者模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.3" data-path="../../设计模式/行为型模型/命令模式.html">
            
                <a href="../../设计模式/行为型模型/命令模式.html">
            
                    
                        <b>1.15.4.3.</b>
                    
                    命令模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.4" data-path="../../设计模式/行为型模型/备忘录模式.html">
            
                <a href="../../设计模式/行为型模型/备忘录模式.html">
            
                    
                        <b>1.15.4.4.</b>
                    
                    备忘录模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.5" data-path="../../设计模式/行为型模型/模板方法模式.html">
            
                <a href="../../设计模式/行为型模型/模板方法模式.html">
            
                    
                        <b>1.15.4.5.</b>
                    
                    模板方法模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.6" data-path="../../设计模式/行为型模型/状态模式.html">
            
                <a href="../../设计模式/行为型模型/状态模式.html">
            
                    
                        <b>1.15.4.6.</b>
                    
                    状态模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.7" data-path="../../设计模式/行为型模型/策略模式.html">
            
                <a href="../../设计模式/行为型模型/策略模式.html">
            
                    
                        <b>1.15.4.7.</b>
                    
                    策略模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.8" data-path="../../设计模式/行为型模型/职责链模式.html">
            
                <a href="../../设计模式/行为型模型/职责链模式.html">
            
                    
                        <b>1.15.4.8.</b>
                    
                    职责链模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.9" data-path="../../设计模式/行为型模型/观察者模式.html">
            
                <a href="../../设计模式/行为型模型/观察者模式.html">
            
                    
                        <b>1.15.4.9.</b>
                    
                    观察者模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.10" data-path="../../设计模式/行为型模型/解释器模式.html">
            
                <a href="../../设计模式/行为型模型/解释器模式.html">
            
                    
                        <b>1.15.4.10.</b>
                    
                    解释器模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.11" data-path="../../设计模式/行为型模型/访问者模式.html">
            
                <a href="../../设计模式/行为型模型/访问者模式.html">
            
                    
                        <b>1.15.4.11.</b>
                    
                    访问者模式
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.15.4.12" data-path="../../设计模式/行为型模型/迭代器模式.html">
            
                <a href="../../设计模式/行为型模型/迭代器模式.html">
            
                    
                        <b>1.15.4.12.</b>
                    
                    迭代器模式
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    

            </ul>
            
        </li>
    

    

    <li class="divider"></li>

    <li>
        <a href="https://www.gitbook.com" target="blank" class="gitbook-link">
            本书使用 GitBook 发布
        </a>
    </li>
</ul>


                </nav>
            
        
    </div>

    <div class="book-body">
        
            <div class="body-inner">
                
                    

<div class="book-header" role="navigation">
    

    <!-- Title -->
    <h1>
        <i class="fa fa-circle-o-notch fa-spin"></i>
        <a href="../../.." >Kube Proxy Iptables</a>
    </h1>
</div>




                    <div class="page-wrapper" tabindex="-1" role="main">
                        <div class="page-inner">
                            
<div id="book-search-results">
    <div class="search-noresults">
    
                                <section class="normal markdown-section">
                                
                                <div id="anchor-navigation-ex-navbar"><i class="fa fa-anchor"></i><ul><li><a href="#kube-proxy-iptables">kube-proxy iptables</a></li></ul></div><a href="#kube-proxy-iptables" id="anchorNavigationExGoTop"><i class="fa fa-arrow-up"></i></a><h1 id="kube-proxy-iptables"><a name="kube-proxy-iptables" class="anchor-navigation-ex-anchor" href="#kube-proxy-iptables"><i class="fa fa-link" aria-hidden="true"></i></a>kube-proxy iptables</h1>
<p><a href="https://www.bookstack.cn/read/source-code-reading-notes/kubernetes-kube_proxy_iptables.md" target="_blank">&#x6587;&#x7AE0;&#x6765;&#x6E90;</a></p>
<h3 id="iptables-&#x7684;&#x529F;&#x80FD;"><a name="iptables-&#x7684;&#x529F;&#x80FD;" class="anchor-navigation-ex-anchor" href="#iptables-&#x7684;&#x529F;&#x80FD;"><i class="fa fa-link" aria-hidden="true"></i></a>iptables &#x7684;&#x529F;&#x80FD;</h3>
<p>&#x5728;&#x524D;&#x9762;&#x7684;&#x6587;&#x7AE0;&#x4E2D;&#x5DF2;&#x7ECF;&#x4ECB;&#x7ECD;&#x8FC7; iptable &#x7684;&#x4E00;&#x4E9B;&#x57FA;&#x672C;&#x4FE1;&#x606F;&#xFF0C;&#x672C;&#x6587;&#x4F1A;&#x6DF1;&#x5165;&#x4ECB;&#x7ECD; kube-proxy iptables &#x6A21;&#x5F0F;&#x4E0B;&#x7684;&#x5DE5;&#x4F5C;&#x539F;&#x7406;&#xFF0C;&#x672C;&#x6587;&#x4E2D;&#x591A;&#x5904;&#x4F1A;&#x4E0E; iptables &#x7684;&#x77E5;&#x8BC6;&#x76F8;&#x5173;&#x8054;&#xFF0C;&#x82E5;&#x6CA1;&#x6709; iptables &#x57FA;&#x7840;&#xFF0C;&#x8BF7;&#x5148;&#x81EA;&#x884C;&#x8865;&#x5145;&#x3002;</p>
<p>iptables &#x7684;&#x529F;&#x80FD;&#xFF1A;</p>
<ul>
<li>&#x6D41;&#x91CF;&#x8F6C;&#x53D1;&#xFF1A;DNAT &#x5B9E;&#x73B0; IP &#x5730;&#x5740;&#x548C;&#x7AEF;&#x53E3;&#x7684;&#x6620;&#x5C04;&#xFF1B;</li>
<li>&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#xFF1A;statistic &#x6A21;&#x5757;&#x4E3A;&#x6BCF;&#x4E2A;&#x540E;&#x7AEF;&#x8BBE;&#x7F6E;&#x6743;&#x91CD;&#xFF1B;</li>
<li>&#x4F1A;&#x8BDD;&#x4FDD;&#x6301;&#xFF1A;recent &#x6A21;&#x5757;&#x8BBE;&#x7F6E;&#x4F1A;&#x8BDD;&#x4FDD;&#x6301;&#x65F6;&#x95F4;&#xFF1B;</li>
</ul>
<p>iptables &#x6709;&#x4E94;&#x5F20;&#x8868;&#x548C;&#x4E94;&#x6761;&#x94FE;&#xFF0C;&#x4E94;&#x6761;&#x94FE;&#x5206;&#x522B;&#x5BF9;&#x5E94;&#x4E3A;&#xFF1A;</p>
<ul>
<li>PREROUTING &#x94FE;&#xFF1A;&#x6570;&#x636E;&#x5305;&#x8FDB;&#x5165;&#x8DEF;&#x7531;&#x4E4B;&#x524D;&#xFF0C;&#x53EF;&#x4EE5;&#x5728;&#x6B64;&#x5904;&#x8FDB;&#x884C; DNAT&#xFF1B;</li>
<li>INPUT &#x94FE;&#xFF1A;&#x4E00;&#x822C;&#x5904;&#x7406;&#x672C;&#x5730;&#x8FDB;&#x7A0B;&#x7684;&#x6570;&#x636E;&#x5305;&#xFF0C;&#x76EE;&#x7684;&#x5730;&#x5740;&#x4E3A;&#x672C;&#x673A;&#xFF1B;</li>
<li>FORWARD &#x94FE;&#xFF1A;&#x4E00;&#x822C;&#x5904;&#x7406;&#x8F6C;&#x53D1;&#x5230;&#x5176;&#x4ED6;&#x673A;&#x5668;&#x6216;&#x8005; network namespace &#x7684;&#x6570;&#x636E;&#x5305;&#xFF1B;</li>
<li>OUTPUT &#x94FE;&#xFF1A;&#x539F;&#x5730;&#x5740;&#x4E3A;&#x672C;&#x673A;&#xFF0C;&#x5411;&#x5916;&#x53D1;&#x9001;&#xFF0C;&#x4E00;&#x822C;&#x5904;&#x7406;&#x672C;&#x5730;&#x8FDB;&#x7A0B;&#x7684;&#x8F93;&#x51FA;&#x6570;&#x636E;&#x5305;&#xFF1B;</li>
<li>POSTROUTING &#x94FE;&#xFF1A;&#x53D1;&#x9001;&#x5230;&#x7F51;&#x5361;&#x4E4B;&#x524D;&#xFF0C;&#x53EF;&#x4EE5;&#x5728;&#x6B64;&#x5904;&#x8FDB;&#x884C; SNAT</li>
</ul>
<p>&#x8FD9;&#x4E94;&#x5F20;&#x8868;&#x662F;&#x5BF9; iptables &#x6240;&#x6709;&#x89C4;&#x5219;&#x7684;&#x903B;&#x8F91;&#x96C6;&#x7FA4;&#x4E14;&#x662F;&#x6709;&#x987A;&#x5E8F;&#x7684;&#xFF0C;&#x5F53;&#x6570;&#x636E;&#x5305;&#x5230;&#x8FBE;&#x67D0;&#x4E00;&#x6761;&#x94FE;&#x65F6;&#x4F1A;&#x6309;&#x8868;&#x7684;&#x987A;&#x5E8F;&#x8FDB;&#x884C;&#x5904;&#x7406;&#xFF0C;&#x8868;&#x7684;&#x4F18;&#x5148;&#x7EA7;&#x4E3A;&#xFF1A;raw&#x3001;mangle&#x3001;nat&#x3001;filter&#x3001;security&#x3002;</p>
<p>iptables &#x7684;&#x5DE5;&#x4F5C;&#x6D41;&#x7A0B;&#x5982;&#x4E0B;&#x56FE;&#x6240;&#x793A;&#xFF1A;</p>
<p><img src="https://static.sitestack.cn/projects/source-code-reading-notes/ddcfb3459c61934ecc162ed00b0623ef.png" alt="iptables"></p>
<h3 id="kube-proxy-&#x7684;-iptables-&#x6A21;&#x5F0F;"><a name="kube-proxy-&#x7684;-iptables-&#x6A21;&#x5F0F;" class="anchor-navigation-ex-anchor" href="#kube-proxy-&#x7684;-iptables-&#x6A21;&#x5F0F;"><i class="fa fa-link" aria-hidden="true"></i></a>kube-proxy &#x7684; iptables &#x6A21;&#x5F0F;</h3>
<p>Kube-proxy &#x7EC4;&#x4EF6;&#x8D1F;&#x8D23;&#x7EF4;&#x62A4;node&#x8282;&#x70B9;&#x4E0A;&#x7684;&#x9632;&#x706B;&#x5899;&#x89C4;&#x5219;&#x548C;&#x8DEF;&#x7531;&#x89C4;&#x5219;&#xFF0C;&#x5728;iptables&#x6A21;&#x5F0F;&#x4E0B;&#xFF0C;&#x4F1A;&#x6839;&#x636E;service&#x4EE5;&#x53CA;endpoints&#x5BF9;&#x8C61;&#x7684;&#x6539;&#x53D8;&#x6765;&#x5B9E;&#x65F6;&#x5237;&#x65B0;&#x89C4;&#x5219;&#xFF0C;kube-proxy&#x4F7F;&#x7528;&#x4E86;iptables&#x7684;<strong>filter</strong>&#x8868;&#x548C;<strong>nat</strong>&#x8868;&#xFF0C;&#x5E76;&#x5BF9;iptbales&#x7684;&#x94FE;&#x8FDB;&#x884C;&#x4E86;&#x6269;&#x5145;&#xFF0C;&#x81EA;&#x5B9A;&#x4E49;&#x4E86;KUBE-SERVICE&#xFF0C;KUBE-EXTERNAL-SERVICES&#xFF0C;KUBE-POSTROUTING&#xFF0C;KUBE-MARK-MASK&#xFF0C;KUBE-MARK-DROP&#x3001;KUBE-FORWARD &#x4E03;&#x6761;&#x94FE;&#xFF0C;&#x53E6;&#x5916;&#x8FD8;&#x65B0;&#x589E;&#x4E86;&#x4EE5;&#x201C;KUBE-SVC-xxx&#x201D;&#x548C;&#x201C;KUBE-SEP-xxx&#x201D;&#x5F00;&#x5934;&#x7684;&#x6570;&#x4E2A;&#x94FE;&#xFF0C;&#x9664;&#x4E86;&#x521B;&#x5EFA;&#x81EA;&#x5B9A;&#x4E49;&#x7684;&#x94FE;&#x4EE5;&#x5916;&#x8FD8;&#x5C06;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;&#x63D2;&#x5165;&#x5230;&#x5DF2;&#x6709;&#x94FE;&#x7684;&#x540E;&#x9762;&#x4EE5;&#x4FBF;&#x52AB;&#x6301;&#x6570;&#x636E;&#x5305;&#x3002;</p>
<p>&#x5728; nat &#x8868;&#x4E2D;&#x81EA;&#x5B9A;&#x4E49;&#x7684;&#x94FE;&#x4EE5;&#x53CA;&#x8FFD;&#x52A0;&#x7684;&#x94FE;&#x5982;&#x4E0B;&#x6240;&#x793A;&#xFF1A;</p>
<p><img src="https://static.sitestack.cn/projects/source-code-reading-notes/3caeea724331ebb6a813631c7185b278.png" alt="kube-proxy iptables &#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790; - &#x56FE;2"></p>
<p>&#x5728; filter &#x8868;&#x5B9A;&#x4E49;&#x7684;&#x94FE;&#x4EE5;&#x53CA;&#x8FFD;&#x52A0;&#x7684;&#x94FE;&#x5982;&#x4E0B;&#x6240;&#x793A;&#x5982;&#x4E0B;&#x6240;&#x793A;&#xFF1A;</p>
<p><img src="https://static.sitestack.cn/projects/source-code-reading-notes/c394cef027d5a82bde94bf123b9fb14f.png" alt="kube-proxy iptables &#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790; - &#x56FE;3"></p>
<p>&#x5BF9;&#x4E8E; KUBE-MARK-MASQ &#x94FE;&#x4E2D;&#x6240;&#x6709;&#x89C4;&#x5219;&#x8BBE;&#x7F6E;&#x4E86; kubernetes &#x72EC;&#x6709;&#x7684; MARK &#x6807;&#x8BB0;&#xFF0C;&#x5728; KUBE-POSTROUTING &#x94FE;&#x4E2D;&#x5BF9; node &#x8282;&#x70B9;&#x4E0A;&#x5339;&#x914D; kubernetes &#x72EC;&#x6709; MARK &#x6807;&#x8BB0;&#x7684;&#x6570;&#x636E;&#x5305;&#xFF0C;&#x8FDB;&#x884C; SNAT &#x5904;&#x7406;&#x3002;</p>
<pre class="language-"><code>-A KUBE-MARK-MASQ -j MARK --set-xmark 0x4000/0x4000
</code></pre><p>Kube-proxy &#x63A5;&#x7740;&#x4E3A;&#x6BCF;&#x4E2A;&#x670D;&#x52A1;&#x521B;&#x5EFA; KUBE-SVC-xxx &#x94FE;&#xFF0C;&#x5E76;&#x5728; nat &#x8868;&#x4E2D;&#x5C06; KUBE-SERVICES &#x94FE;&#x4E2D;&#x6BCF;&#x4E2A;&#x76EE;&#x6807;&#x5730;&#x5740;&#x662F;service &#x7684;&#x6570;&#x636E;&#x5305;&#x5BFC;&#x5165;&#x8FD9;&#x4E2A; KUBE-SVC-xxx &#x94FE;&#xFF0C;&#x5982;&#x679C; endpoint &#x5C1A;&#x672A;&#x521B;&#x5EFA;&#xFF0C;&#x5219; KUBE-SVC-xxx &#x94FE;&#x4E2D;&#x6CA1;&#x6709;&#x89C4;&#x5219;&#xFF0C;&#x4EFB;&#x4F55; incomming packets &#x5728;&#x89C4;&#x5219;&#x5339;&#x914D;&#x5931;&#x8D25;&#x540E;&#x4F1A;&#x88AB; KUBE-MARK-DROP &#x8FDB;&#x884C;&#x6807;&#x8BB0;&#x7136;&#x540E;&#x518D; FORWARD &#x94FE;&#x4E2D;&#x4E22;&#x5F03;&#x3002;</p>
<p>&#x8FD9;&#x4E9B;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;&#x4E0E; iptables &#x7684;&#x8868;&#x7ED3;&#x5408;&#x540E;&#x5982;&#x4E0B;&#x6240;&#x793A;&#xFF0C;&#x7B14;&#x8005;&#x53EA;&#x753B;&#x51FA;&#x4E86;h-    PREROUTING &#x548C; OUTPUT &#x94FE;&#x4E2D;&#x8FFD;&#x52A0;&#x7684;&#x94FE;&#x4EE5;&#x53CA;&#x90E8;&#x5206;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;&#xFF0C;&#x56E0;&#x4E3A; PREROUTING &#x548C; OUTPUT &#x7684;&#x9996;&#x6761; NAT &#x89C4;&#x5219;&#x90FD;&#x5148;&#x5C06;&#x6240;&#x6709;&#x6D41;&#x91CF;&#x5BFC;&#x5165;KUBE-SERVICE &#x94FE;&#x4E2D;&#xFF0C;&#x8FD9;&#x6837;&#x5C31;&#x622A;&#x83B7;&#x4E86;&#x6240;&#x6709;&#x7684;&#x5165;&#x6D41;&#x91CF;&#x548C;&#x51FA;&#x6D41;&#x91CF;&#xFF0C;&#x8FDB;&#x800C;&#x53EF;&#x4EE5;&#x5BF9; k8s &#x76F8;&#x5173;&#x6D41;&#x91CF;&#x8FDB;&#x884C;&#x91CD;&#x5B9A;&#x5411;&#x5904;&#x7406;&#x3002;</p>
<p><img src="https://static.sitestack.cn/projects/source-code-reading-notes/e7fabc7a60917682ee42120341491226.png" alt="ffsmsM"></p>
<p>kubernetes &#x81EA;&#x5B9A;&#x4E49;&#x94FE;&#x4E2D;&#x6570;&#x636E;&#x5305;&#x7684;&#x8BE6;&#x7EC6;&#x6D41;&#x8F6C;&#x53EF;&#x4EE5;&#x53C2;&#x8003;&#xFF1A;</p>
<p><img src="https://static.sitestack.cn/projects/source-code-reading-notes/729e704bd9fc39c9223da5185e9ef084.png" alt="kube-proxy iptables &#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790; - &#x56FE;5"></p>
<h3 id="iptables-&#x89C4;&#x5219;&#x5206;&#x6790;"><a name="iptables-&#x89C4;&#x5219;&#x5206;&#x6790;" class="anchor-navigation-ex-anchor" href="#iptables-&#x89C4;&#x5219;&#x5206;&#x6790;"><i class="fa fa-link" aria-hidden="true"></i></a>iptables &#x89C4;&#x5219;&#x5206;&#x6790;</h3>
<h4 id="clusterip-&#x8BBF;&#x95EE;&#x65B9;&#x5F0F;"><a name="clusterip-&#x8BBF;&#x95EE;&#x65B9;&#x5F0F;" class="anchor-navigation-ex-anchor" href="#clusterip-&#x8BBF;&#x95EE;&#x65B9;&#x5F0F;"><i class="fa fa-link" aria-hidden="true"></i></a>clusterIP &#x8BBF;&#x95EE;&#x65B9;&#x5F0F;</h4>
<p>&#x521B;&#x5EFA;&#x4E00;&#x4E2A; clusterIP &#x8BBF;&#x95EE;&#x65B9;&#x5F0F;&#x7684; service &#x4EE5;&#x53CA;&#x5E26;&#x6709;&#x4E24;&#x4E2A;&#x526F;&#x672C;&#xFF0C;&#x4ECE; pod &#x4E2D;&#x8BBF;&#x95EE; clusterIP &#x7684; iptables &#x89C4;&#x5219;&#x6D41;&#x5411;&#x4E3A;&#xFF1A;</p>
<pre class="language-"><code>PREROUTING --&gt; KUBE-SERVICE --&gt; KUBE-SVC-XXX --&gt; KUBE-SEP-XXX
</code></pre><p>&#x8BBF;&#x95EE;&#x6D41;&#x7A0B;&#x5982;&#x4E0B;&#x6240;&#x793A;&#xFF1A;</p>
<ul>
<li>1&#x3001;&#x5BF9;&#x4E8E;&#x8FDB;&#x5165; PREROUTING &#x94FE;&#x7684;&#x90FD;&#x8F6C;&#x5230; KUBE-SERVICES &#x94FE;&#x8FDB;&#x884C;&#x5904;&#x7406;&#xFF1B;</li>
<li>2&#x3001;&#x5728; KUBE-SERVICES &#x94FE;&#xFF0C;&#x5BF9;&#x4E8E;&#x8BBF;&#x95EE; clusterIP &#x4E3A; 10.110.243.155 &#x7684;&#x8F6C;&#x53D1;&#x5230; KUBE-SVC-5SB6FTEHND4GTL2W&#xFF1B;</li>
<li>3&#x3001;&#x8BBF;&#x95EE; KUBE-SVC-5SB6FTEHND4GTL2W &#x7684;&#x4F7F;&#x7528;&#x968F;&#x673A;&#x6570;&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#xFF0C;&#x5E76;&#x8F6C;&#x53D1;&#x5230; KUBE-SEP-CI5ZO3FTK7KBNRMG &#x548C; KUBE-SEP-OVNLTDWFHTHII4SC &#x4E0A;&#xFF1B;</li>
<li>4&#x3001;KUBE-SEP-CI5ZO3FTK7KBNRMG &#x548C; KUBE-SEP-OVNLTDWFHTHII4SC &#x5BF9;&#x5E94; endpoint &#x4E2D;&#x7684; pod 192.168.137.147 &#x548C; 192.168.98.213&#xFF0C;&#x8BBE;&#x7F6E; mark &#x6807;&#x8BB0;&#xFF0C;&#x8FDB;&#x884C; DNAT &#x5E76;&#x8F6C;&#x53D1;&#x5230;&#x5177;&#x4F53;&#x7684; pod &#x4E0A;&#xFF0C;&#x5982;&#x679C;&#x67D0;&#x4E2A; service &#x7684; endpoints &#x4E2D;&#x6CA1;&#x6709; pod&#xFF0C;&#x90A3;&#x4E48;&#x9488;&#x5BF9;&#x6B64; service &#x7684;&#x8BF7;&#x6C42;&#x5C06;&#x4F1A;&#x88AB; drop &#x6389;&#xFF1B;</li>
</ul>
<pre class="language-"><code>// 1.
-A PREROUTING -m comment --comment &quot;kubernetes service portals&quot; -j KUBE-SERVICES
// 2.
-A KUBE-SERVICES -d 10.110.243.155/32 -p tcp -m comment --comment &quot;pks-system/tenant-service: cluster IP&quot; -m tcp --dport 7000 -j KUBE-SVC-5SB6FTEHND4GTL2W
// 3.
-A KUBE-SVC-5SB6FTEHND4GTL2W -m statistic --mode random --probability 0.50000000000 -j KUBE-SEP-CI5ZO3FTK7KBNRMG
-A KUBE-SVC-5SB6FTEHND4GTL2W -j KUBE-SEP-OVNLTDWFHTHII4SC
// 4.
-A KUBE-SEP-CI5ZO3FTK7KBNRMG -s 192.168.137.147/32 -j KUBE-MARK-MASQ
-A KUBE-SEP-CI5ZO3FTK7KBNRMG -p tcp -m tcp -j DNAT --to-destination 192.168.137.147:7000
-A KUBE-SEP-OVNLTDWFHTHII4SC -s 192.168.98.213/32 -j KUBE-MARK-MASQ
-A KUBE-SEP-OVNLTDWFHTHII4SC -p tcp -m tcp -j DNAT --to-destination 192.168.98.213:7000
</code></pre><h4 id="nodeport-&#x65B9;&#x5F0F;"><a name="nodeport-&#x65B9;&#x5F0F;" class="anchor-navigation-ex-anchor" href="#nodeport-&#x65B9;&#x5F0F;"><i class="fa fa-link" aria-hidden="true"></i></a>nodePort &#x65B9;&#x5F0F;</h4>
<p>&#x5728; nodePort &#x65B9;&#x5F0F;&#x4E0B;&#xFF0C;&#x4F1A;&#x7528;&#x5230; KUBE-NODEPORTS &#x89C4;&#x5219;&#x94FE;&#xFF0C;&#x901A;&#x8FC7; <code>iptables -t nat -L -n</code> &#x53EF;&#x4EE5;&#x770B;&#x5230; KUBE-NODEPORTS &#x4F4D;&#x4E8E; KUBE-SERVICE &#x94FE;&#x7684;&#x6700;&#x540E;&#x4E00;&#x4E2A;&#xFF0C;iptables &#x5728;&#x5904;&#x7406;&#x62A5;&#x6587;&#x65F6;&#x4F1A;&#x4F18;&#x5148;&#x5904;&#x7406;&#x76EE;&#x7684; IP &#x4E3A;clusterIP &#x7684;&#x62A5;&#x6587;&#xFF0C;&#x5728;&#x524D;&#x9762;&#x7684; KUBE-SVC-XXX &#x90FD;&#x5339;&#x914D;&#x5931;&#x8D25;&#x4E4B;&#x540E;&#x518D;&#x53BB;&#x4F7F;&#x7528; nodePort &#x65B9;&#x5F0F;&#x8FDB;&#x884C;&#x5339;&#x914D;&#x3002;</p>
<p>&#x521B;&#x5EFA;&#x4E00;&#x4E2A; nodePort &#x8BBF;&#x95EE;&#x65B9;&#x5F0F;&#x7684; service &#x4EE5;&#x53CA;&#x5E26;&#x6709;&#x4E24;&#x4E2A;&#x526F;&#x672C;&#xFF0C;&#x8BBF;&#x95EE; nodeport &#x7684; iptables &#x89C4;&#x5219;&#x6D41;&#x5411;&#x4E3A;&#xFF1A;</p>
<p>1&#x3001;&#x975E;&#x672C;&#x673A;&#x8BBF;&#x95EE;</p>
<pre class="language-"><code>PREROUTING --&gt; KUBE-SERVICE --&gt; KUBE-NODEPORTS --&gt; KUBE-SVC-XXX --&gt; KUBE-SEP-XXX
</code></pre><p>2&#x3001;&#x672C;&#x673A;&#x8BBF;&#x95EE;</p>
<pre class="language-"><code>OUTPUT --&gt; KUBE-SERVICE --&gt; KUBE-NODEPORTS --&gt; KUBE-SVC-XXX --&gt; KUBE-SEP-XXX
</code></pre><p>&#x8BE5;&#x670D;&#x52A1;&#x7684; nodePort &#x7AEF;&#x53E3;&#x4E3A; 30070&#xFF0C;&#x5176; iptables &#x8BBF;&#x95EE;&#x89C4;&#x5219;&#x548C;&#x4F7F;&#x7528; clusterIP &#x65B9;&#x5F0F;&#x8BBF;&#x95EE;&#x6709;&#x70B9;&#x7C7B;&#x4F3C;&#xFF0C;&#x4E0D;&#x8FC7; nodePort &#x65B9;&#x5F0F;&#x4F1A;&#x6BD4; clusterIP &#x7684;&#x65B9;&#x5F0F;&#x591A;&#x8D70;&#x4E00;&#x6761;&#x94FE; KUBE-NODEPORTS&#xFF0C;&#x5176;&#x4F1A;&#x5728; KUBE-NODEPORTS &#x94FE;&#x8BBE;&#x7F6E; mark &#x6807;&#x8BB0;&#x5E76;&#x8F6C;&#x53D1;&#x5230; KUBE-SVC-5SB6FTEHND4GTL2W&#xFF0C;nodeport &#x4E0E; clusterIP &#x8BBF;&#x95EE;&#x65B9;&#x5F0F;&#x6700;&#x540E;&#x90FD;&#x662F;&#x8F6C;&#x53D1;&#x5230;&#x4E86; KUBE-SVC-xxx &#x94FE;&#x3002;</p>
<ul>
<li>1&#x3001;&#x7ECF;&#x8FC7; PREROUTING &#x8F6C;&#x5230; KUBE-SERVICES</li>
<li>2&#x3001;&#x7ECF;&#x8FC7; KUBE-SERVICES &#x8F6C;&#x5230; KUBE-NODEPORTS</li>
<li>3&#x3001;&#x7ECF;&#x8FC7; KUBE-NODEPORTS &#x8F6C;&#x5230; KUBE-SVC-5SB6FTEHND4GTL2W</li>
<li>4&#x3001;&#x7ECF;&#x8FC7; KUBE-SVC-5SB6FTEHND4GTL2W &#x8F6C;&#x5230; KUBE-SEP-CI5ZO3FTK7KBNRMG &#x548C; KUBE-SEP-VR562QDKF524UNPV</li>
<li>5&#x3001;&#x7ECF;&#x8FC7; KUBE-SEP-CI5ZO3FTK7KBNRMG &#x548C; KUBE-SEP-VR562QDKF524UNPV &#x5206;&#x522B;&#x8F6C;&#x5230; 192.168.137.147:7000 &#x548C; 192.168.89.11:7000</li>
</ul>
<pre class="language-"><code>// 1.
-A PREROUTING -m comment --comment &quot;kubernetes service portals&quot; -j KUBE-SERVICES
// 2.
......
-A KUBE-SERVICES xxx
......
-A KUBE-SERVICES -m comment --comment &quot;kubernetes service nodeports; NOTE: this must be the last rule in this chain&quot; -m addrtype --dst-type LOCAL -j KUBE-NODEPORTS
// 3.
-A KUBE-NODEPORTS -p tcp -m comment --comment &quot;pks-system/tenant-service:&quot; -m tcp --dport 30070 -j KUBE-MARK-MASQ
-A KUBE-NODEPORTS -p tcp -m comment --comment &quot;pks-system/tenant-service:&quot; -m tcp --dport 30070 -j KUBE-SVC-5SB6FTEHND4GTL2W
// 4&#x3001;
-A KUBE-SVC-5SB6FTEHND4GTL2W -m statistic --mode random --probability 0.50000000000 -j KUBE-SEP-CI5ZO3FTK7KBNRMG
-A KUBE-SVC-5SB6FTEHND4GTL2W -j KUBE-SEP-VR562QDKF524UNPV
// 5&#x3001;
-A KUBE-SEP-CI5ZO3FTK7KBNRMG -s 192.168.137.147/32 -j KUBE-MARK-MASQ
-A KUBE-SEP-CI5ZO3FTK7KBNRMG -p tcp -m tcp -j DNAT --to-destination 192.168.137.147:7000
-A KUBE-SEP-VR562QDKF524UNPV -s 192.168.89.11/32 -j KUBE-MARK-MASQ
-A KUBE-SEP-VR562QDKF524UNPV -p tcp -m tcp -j DNAT --to-destination 192.168.89.11:7000
</code></pre><p>&#x5176;&#x4ED6;&#x8BBF;&#x95EE;&#x65B9;&#x5F0F;&#x5BF9;&#x5E94;&#x7684; iptables &#x89C4;&#x5219;&#x53EF;&#x81EA;&#x884C;&#x5206;&#x6790;&#x3002;</p>
<h3 id="iptables-&#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790;"><a name="iptables-&#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790;" class="anchor-navigation-ex-anchor" href="#iptables-&#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790;"><i class="fa fa-link" aria-hidden="true"></i></a>iptables &#x6A21;&#x5F0F;&#x6E90;&#x7801;&#x5206;&#x6790;</h3>
<blockquote>
<p>kubernetes &#x7248;&#x672C;&#xFF1A;v1.16</p>
</blockquote>
<p>&#x4E0A;&#x7BC7;&#x6587;&#x7AE0;&#x5DF2;&#x7ECF;&#x5728;&#x6E90;&#x7801;&#x65B9;&#x9762;&#x505A;&#x4E86;&#x8BB8;&#x591A;&#x94FA;&#x57AB;&#xFF0C;&#x4E0B;&#x9762;&#x5C31;&#x76F4;&#x63A5;&#x770B; kube-proxy iptables &#x6A21;&#x5F0F;&#x7684;&#x6838;&#x5FC3;&#x65B9;&#x6CD5;&#x3002;&#x9996;&#x5148;&#x56DE;&#x987E;&#x4E00;&#x4E0B; iptables &#x6A21;&#x5F0F;&#x7684;&#x8C03;&#x7528;&#x6D41;&#x7A0B;&#xFF0C;kube-proxy &#x6839;&#x636E;&#x7ED9;&#x5B9A;&#x7684; proxyMode &#x521D;&#x59CB;&#x5316;&#x5BF9;&#x5E94;&#x7684; proxier &#x540E;&#x4F1A;&#x8C03;&#x7528; <code>Proxier.SyncLoop()</code> &#x6267;&#x884C; proxier &#x7684;&#x4E3B;&#x5FAA;&#x73AF;&#xFF0C;&#x800C;&#x5176;&#x6700;&#x7EC8;&#x4F1A;&#x8C03;&#x7528; <code>proxier.syncProxyRules()</code> &#x5237;&#x65B0; iptables &#x89C4;&#x5219;&#x3002;</p>
<pre class="language-"><code>proxier.SyncLoop() --&gt; proxier.syncRunner.Loop()--&gt;bfr.tryRun()--&gt;bfr.fn()--&gt;proxier.syncProxyRules()
</code></pre><p><code>proxier.syncProxyRules()</code>&#x8FD9;&#x4E2A;&#x51FD;&#x6570;&#x6BD4;&#x8F83;&#x957F;&#xFF0C;&#x5927;&#x7EA6; 800 &#x884C;&#xFF0C;&#x5176;&#x4E2D;&#x6709;&#x8BB8;&#x591A;&#x5197;&#x4F59;&#x7684;&#x4EE3;&#x7801;&#xFF0C;&#x4EE3;&#x7801;&#x53EF;&#x8BFB;&#x6027;&#x4E0D;&#x4F73;&#xFF0C;&#x6211;&#x4EEC;&#x53EA;&#x9700;&#x7406;&#x89E3;&#x5176;&#x57FA;&#x672C;&#x6D41;&#x7A0B;&#x5373;&#x53EF;&#xFF0C;&#x8BE5;&#x51FD;&#x6570;&#x7684;&#x4E3B;&#x8981;&#x529F;&#x80FD;&#x4E3A;&#xFF1A;</p>
<ul>
<li>&#x66F4;&#x65B0;proxier.endpointsMap&#xFF0C;proxier.servieMap</li>
<li>&#x521B;&#x5EFA;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;</li>
<li>&#x5C06;&#x5F53;&#x524D;&#x5185;&#x6838;&#x4E2D; filter &#x8868;&#x548C; nat &#x8868;&#x4E2D;&#x7684;&#x5168;&#x90E8;&#x89C4;&#x5219;&#x5BFC;&#x5165;&#x5230;&#x5185;&#x5B58;&#x4E2D;</li>
<li>&#x4E3A;&#x6BCF;&#x4E2A; service &#x521B;&#x5EFA;&#x89C4;&#x5219;</li>
<li>&#x4E3A; clusterIP &#x8BBE;&#x7F6E;&#x8BBF;&#x95EE;&#x89C4;&#x5219;</li>
<li>&#x4E3A; externalIP &#x8BBE;&#x7F6E;&#x8BBF;&#x95EE;&#x89C4;&#x5219;</li>
<li>&#x4E3A; ingress &#x8BBE;&#x7F6E;&#x8BBF;&#x95EE;&#x89C4;&#x5219;</li>
<li>&#x4E3A; nodePort &#x8BBE;&#x7F6E;&#x8BBF;&#x95EE;&#x89C4;&#x5219;</li>
<li>&#x4E3A; endpoint &#x751F;&#x6210;&#x89C4;&#x5219;&#x94FE;</li>
<li>&#x5199;&#x5165; DNAT &#x89C4;&#x5219;</li>
<li>&#x5220;&#x9664;&#x4E0D;&#x518D;&#x4F7F;&#x7528;&#x7684;&#x670D;&#x52A1;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;</li>
<li>&#x4F7F;&#x7528; iptables-restore &#x540C;&#x6B65;&#x89C4;&#x5219;</li>
</ul>
<p>&#x9996;&#x5148;&#x662F;&#x66F4;&#x65B0; proxier.endpointsMap&#xFF0C;proxier.servieMap &#x4E24;&#x4E2A;&#x5BF9;&#x8C61;&#x3002;</p>
<pre class="language-"><code>func (proxier *Proxier) syncProxyRules() {
    ......
    serviceUpdateResult := proxy.UpdateServiceMap(proxier.serviceMap, proxier.serviceChanges)
    endpointUpdateResult := proxier.endpointsMap.Update(proxier.endpointsChanges)
    staleServices := serviceUpdateResult.UDPStaleClusterIP
    for _, svcPortName := range endpointUpdateResult.StaleServiceNames {
        if svcInfo, ok := proxier.serviceMap[svcPortName]; ok &amp;&amp; svcInfo != nil &amp;&amp; svcInfo.Protocol() == v1.ProtocolUDP {
            staleServices.Insert(svcInfo.ClusterIP().String())
            for _, extIP := range svcInfo.ExternalIPStrings() {
                staleServices.Insert(extIP)
            }
        }
    }
    ......
</code></pre><p>&#x7136;&#x540E;&#x521B;&#x5EFA;&#x6240;&#x9700;&#x8981;&#x7684; iptable &#x94FE;&#xFF1A;</p>
<pre class="language-"><code>    for _, jump := range iptablesJumpChains {
          // &#x521B;&#x5EFA;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;
        if _, err := proxier.iptables.EnsureChain(jump.table, jump.dstChain); err != nil {
            .....
        }
        args := append(jump.extraArgs,
            ......
        )
        //&#x63D2;&#x5165;&#x5230;&#x5DF2;&#x6709;&#x7684;&#x94FE;
        if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, jump.table, jump.srcChain, args...); err != nil {
            ......
        }
    }
</code></pre><p>&#x5C06;&#x5F53;&#x524D;&#x5185;&#x6838;&#x4E2D; filter &#x8868;&#x548C; nat &#x8868;&#x4E2D;&#x7684;&#x5168;&#x90E8;&#x89C4;&#x5219;&#x4E34;&#x65F6;&#x5BFC;&#x51FA;&#x5230; buffer &#x4E2D;&#xFF1A;</p>
<pre class="language-"><code>    err := proxier.iptables.SaveInto(utiliptables.TableFilter, proxier.existingFilterChainsData)
    if err != nil { 
    } else { 
        existingFilterChains = utiliptables.GetChainLines(utiliptables.TableFilter, proxier.existingFilterChainsData.Bytes())
    }
    ......
    err = proxier.iptables.SaveInto(utiliptables.TableNAT, proxier.iptablesData)
    if err != nil { 
    } else { 
        existingNATChains = utiliptables.GetChainLines(utiliptables.TableNAT, proxier.iptablesData.Bytes())
    }
    writeLine(proxier.filterChains, &quot;*filter&quot;)
    writeLine(proxier.natChains, &quot;*nat&quot;)
</code></pre><p>&#x68C0;&#x67E5;&#x5DF2;&#x7ECF;&#x521B;&#x5EFA;&#x51FA;&#x7684;&#x8868;&#x662F;&#x5426;&#x5B58;&#x5728;&#xFF1A;</p>
<pre class="language-"><code>    for _, chainName := range []utiliptables.Chain{kubeServicesChain, kubeExternalServicesChain, kubeForwardChain} {
        if chain, ok := existingFilterChains[chainName]; ok {
            writeBytesLine(proxier.filterChains, chain)
        } else {
            writeLine(proxier.filterChains, utiliptables.MakeChainLine(chainName))
        }
    }
    for _, chainName := range []utiliptables.Chain{kubeServicesChain, kubeNodePortsChain, kubePostroutingChain, KubeMarkMasqChain} {
        if chain, ok := existingNATChains[chainName]; ok {
            writeBytesLine(proxier.natChains, chain)
        } else {
            writeLine(proxier.natChains, utiliptables.MakeChainLine(chainName))
        }
    }
</code></pre><p>&#x5199;&#x5165; SNAT &#x5730;&#x5740;&#x4F2A;&#x88C5;&#x89C4;&#x5219;&#xFF0C;&#x5728; POSTROUTING &#x9636;&#x6BB5;&#x5BF9;&#x5730;&#x5740;&#x8FDB;&#x884C; MASQUERADE &#x5904;&#x7406;&#xFF0C;&#x539F;&#x59CB;&#x8BF7;&#x6C42;&#x6E90; IP &#x5C06;&#x88AB;&#x4E22;&#x5931;&#xFF0C;&#x88AB;&#x8BF7;&#x6C42; pod &#x7684;&#x5E94;&#x7528;&#x770B;&#x5230;&#x4E3A; NodeIP &#x6216; CNI &#x8BBE;&#x5907; IP(bridge/vxlan&#x8BBE;&#x5907;)&#xFF1A;</p>
<pre class="language-"><code>    masqRule := []string{
        ......
    }
    if proxier.iptables.HasRandomFully() {
        masqRule = append(masqRule, &quot;--random-fully&quot;)
    } else {
    }
    writeLine(proxier.natRules, masqRule...)
    writeLine(proxier.natRules, []string{
        ......
    }...)
</code></pre><p>&#x4E3A;&#x6BCF;&#x4E2A; service &#x521B;&#x5EFA;&#x89C4;&#x5219;&#xFF0C;&#x521B;&#x5EFA; KUBE-SVC-xxx &#x548C; KUBE-XLB-xxx &#x94FE;&#x3001;&#x521B;&#x5EFA; service portal &#x89C4;&#x5219;&#x3001;&#x4E3A; clusterIP &#x521B;&#x5EFA;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>    for svcName, svc := range proxier.serviceMap {
        svcInfo, ok := svc.(*serviceInfo)
        ......
        if hasEndpoints {
            ......
        }
        svcXlbChain := svcInfo.serviceLBChainName
        if svcInfo.OnlyNodeLocalEndpoints() {
            ......
        }
        if hasEndpoints {
            ......
        } else {
            ......
        }
</code></pre><p>&#x82E5;&#x670D;&#x52A1;&#x4F7F;&#x7528;&#x4E86; externalIP&#xFF0C;&#x521B;&#x5EFA;&#x5BF9;&#x5E94;&#x7684;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>        for _, externalIP := range svcInfo.ExternalIPStrings() {
            if local, err := utilproxy.IsLocalIP(externalIP); err != nil {
                ......
                if proxier.portsMap[lp] != nil {
                    ......
                } else {
                    ......
                }
            }
            if hasEndpoints {
                ......
            } else {
                ......
            }
        }
</code></pre><p>&#x82E5;&#x670D;&#x52A1;&#x4F7F;&#x7528;&#x4E86; ingress&#xFF0C;&#x521B;&#x5EFA;&#x5BF9;&#x5E94;&#x7684;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>        for _, ingress := range svcInfo.LoadBalancerIPStrings() {
            if ingress != &quot;&quot; {
                if hasEndpoints {
                    ......
                    if !svcInfo.OnlyNodeLocalEndpoints() {
                        ......
                    }
                    if len(svcInfo.LoadBalancerSourceRanges()) == 0 {
                        ......
                    } else {
                        ......
                    }
                    ......
                } else {
                    ......
                }
            }
        }
</code></pre><p>&#x82E5;&#x4F7F;&#x7528;&#x4E86; nodePort&#xFF0C;&#x521B;&#x5EFA;&#x5BF9;&#x5E94;&#x7684;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>        if svcInfo.NodePort() != 0 {
            addresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer)
            lps := make([]utilproxy.LocalPort, 0)
            for address := range addresses {
                ......
                lps = append(lps, lp)
            }
            for _, lp := range lps {
                if proxier.portsMap[lp] != nil {
                } else if svcInfo.Protocol() != v1.ProtocolSCTP {
                    socket, err := proxier.portMapper.OpenLocalPort(&amp;lp)
                    ......
                    if lp.Protocol == &quot;udp&quot; {
                        ......
                    }
                    replacementPortsMap[lp] = socket
                }
            }
            if hasEndpoints {
                ......
            } else {
                ......
            }
        }
</code></pre><p>&#x4E3A; endpoint &#x751F;&#x6210;&#x89C4;&#x5219;&#x94FE; KUBE-SEP-XXX&#xFF1A;</p>
<pre class="language-"><code>        endpoints = endpoints[:0]
        endpointChains = endpointChains[:0]
        var endpointChain utiliptables.Chain
        for _, ep := range proxier.endpointsMap[svcName] {
            epInfo, ok := ep.(*endpointsInfo)
            ......
            if chain, ok := existingNATChains[utiliptables.Chain(endpointChain)]; ok {
                writeBytesLine(proxier.natChains, chain)
            } else {
                writeLine(proxier.natChains, utiliptables.MakeChainLine(endpointChain))
            }
            activeNATChains[endpointChain] = true
        }
</code></pre><p>&#x5982;&#x679C;&#x521B;&#x5EFA; service &#x65F6;&#x6307;&#x5B9A;&#x4E86; SessionAffinity &#x4E3A; clientIP &#x5219;&#x4F7F;&#x7528; recent &#x521B;&#x5EFA;&#x4FDD;&#x6301;&#x4F1A;&#x8BDD;&#x8FDE;&#x63A5;&#x7684;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>        if svcInfo.SessionAffinityType() == v1.ServiceAffinityClientIP {
            for _, endpointChain := range endpointChains {
                ......
            }
        }
</code></pre><p>&#x5199;&#x5165;&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#x548C; DNAT &#x89C4;&#x5219;&#xFF0C;&#x5BF9;&#x4E8E; endpoints &#x4E2D;&#x7684; pod &#x4F7F;&#x7528;&#x968F;&#x673A;&#x8BBF;&#x95EE;&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#x7B56;&#x7565;&#x3002;</p>
<ul>
<li>&#x5728; iptables &#x89C4;&#x5219;&#x4E2D;&#x52A0;&#x5165;&#x8BE5; service &#x5BF9;&#x5E94;&#x7684;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;&#x201C;KUBE-SVC-xxx&#x201D;&#xFF0C;&#x5982;&#x679C;&#x8BE5;&#x670D;&#x52A1;&#x5BF9;&#x5E94;&#x7684; endpoints &#x5927;&#x4E8E;&#x7B49;&#x4E8E;2&#xFF0C;&#x5219;&#x6DFB;&#x52A0;&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#x89C4;&#x5219;&#xFF1B;</li>
<li>&#x9488;&#x5BF9;&#x975E;&#x672C;&#x5730; Node &#x4E0A;&#x7684; pod&#xFF0C;&#x9700;&#x8FDB;&#x884C; DNAT&#xFF0C;&#x5C06;&#x8BF7;&#x6C42;&#x7684;&#x76EE;&#x6807;&#x5730;&#x5740;&#x8BBE;&#x7F6E;&#x6210;&#x5019;&#x9009;&#x7684; pod &#x7684; IP &#x540E;&#x8FDB;&#x884C;&#x8DEF;&#x7531;&#xFF0C;KUBE-MARK-MASQ &#x5C06;&#x91CD;&#x8BBE;(&#x4F2A;&#x88C5;)&#x6E90;&#x5730;&#x5740;&#xFF1B;</li>
</ul>
<pre class="language-"><code>        for i, endpointChain := range endpointChains {
            ......
            if svcInfo.OnlyNodeLocalEndpoints() &amp;&amp; endpoints[i].IsLocal {
                ......
            }
            ......
            epIP := endpoints[i].IP()
            if epIP == &quot;&quot; {
                ......
            }
            ......
            args = append(args, &quot;-j&quot;, string(endpointChain))
            writeLine(proxier.natRules, args...)
            ......
            if svcInfo.SessionAffinityType() == v1.ServiceAffinityClientIP {
                ......
            }
            ......
            writeLine(proxier.natRules, args...)
        }
</code></pre><p>&#x82E5;&#x542F;&#x7528;&#x4E86; clusterCIDR &#x5219;&#x751F;&#x6210;&#x5BF9;&#x5E94;&#x7684;&#x89C4;&#x5219;&#x94FE;&#xFF1A;</p>
<pre class="language-"><code>        if len(proxier.clusterCIDR) &gt; 0 {            ......            writeLine(proxier.natRules, args...)        }
</code></pre><p>&#x4E3A;&#x672C;&#x673A;&#x7684; pod &#x5F00;&#x542F;&#x4F1A;&#x8BDD;&#x4FDD;&#x6301;&#xFF1A;</p>
<pre class="language-"><code>        args = append(args[:0], &quot;-A&quot;, string(svcXlbChain))
        writeLine(proxier.natRules, ......)
        numLocalEndpoints := len(localEndpointChains)
        if numLocalEndpoints == 0 {
            ......
            writeLine(proxier.natRules, args...)
        } else {
            if svcInfo.SessionAffinityType() == v1.ServiceAffinityClientIP {
                for _, endpointChain := range localEndpointChains {
                    ......
                }
            }
            ......
            for i, endpointChain := range localEndpointChains {
                ......
                args = append(args, &quot;-j&quot;, string(endpointChain))
                writeLine(proxier.natRules, args...)
            }
        }
    }
</code></pre><p>&#x5220;&#x9664;&#x4E0D;&#x5B58;&#x5728;&#x670D;&#x52A1;&#x7684;&#x81EA;&#x5B9A;&#x4E49;&#x94FE;&#xFF0C;KUBE-SVC-xxx&#x3001;KUBE-SEP-xxx&#x3001;KUBE-FW-xxx&#x3001;KUBE-XLB-xxx&#xFF1A;</p>
<pre class="language-"><code>    for chain := range existingNATChains {
        if !activeNATChains[chain] {
            ......
            if !strings.HasPrefix(chainString, &quot;KUBE-SVC-&quot;) &amp;&amp; !strings.HasPrefix(chainString, &quot;KUBE-SEP-&quot;) &amp;&amp; !strings.HasPrefix(chainString, &quot;KUBE-FW-&quot;) &amp;&amp; !      strings.HasPrefix(chainString, &quot;KUBE-XLB-&quot;) {
                ......
                continue
            }
            writeBytesLine(proxier.natChains, existingNATChains[chain])
            writeLine(proxier.natRules, &quot;-X&quot;, chainString)
        }
    }
</code></pre><p>&#x5728; KUBE-SERVICES &#x94FE;&#x6700;&#x540E;&#x6DFB;&#x52A0; nodePort &#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>    writeLine(proxier.filterRules,
        ......
    )
    writeLine(proxier.filterRules,
        ......
    )
    if len(proxier.clusterCIDR) != 0 {
        writeLine(proxier.filterRules,
            ......
        )
        writeLine(proxier.filterRules,
            ......
        )
    }
</code></pre><p>&#x4E3A; INVALID &#x72B6;&#x6001;&#x7684;&#x5305;&#x6DFB;&#x52A0;&#x89C4;&#x5219;&#xFF0C;&#x4E3A; KUBE-FORWARD &#x94FE;&#x6DFB;&#x52A0;&#x5BF9;&#x5E94;&#x7684;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>    addresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer)
    if err != nil {
            ......
    } else {
        for address := range addresses {
            if utilproxy.IsZeroCIDR(address) {
                ......
            }
            if isIPv6 &amp;&amp; !utilnet.IsIPv6String(address) || !isIPv6 &amp;&amp; utilnet.IsIPv6String(address) {
                ......
            }
            .....
            writeLine(proxier.natRules, args...)
        }
    }
</code></pre><p>&#x5728;&#x7ED3;&#x5C3E;&#x6DFB;&#x52A0;&#x6807;&#x5FD7;&#xFF1A;</p>
<pre class="language-"><code>    writeLine(proxier.filterRules, &quot;COMMIT&quot;)
    writeLine(proxier.natRules, &quot;COMMIT&quot;)
</code></pre><p>&#x4F7F;&#x7528; iptables-restore &#x540C;&#x6B65;&#x89C4;&#x5219;&#xFF1A;</p>
<pre class="language-"><code>    proxier.iptablesData.Reset()
    proxier.iptablesData.Write(proxier.filterChains.Bytes())
    proxier.iptablesData.Write(proxier.filterRules.Bytes())
    proxier.iptablesData.Write(proxier.natChains.Bytes())
    proxier.iptablesData.Write(proxier.natRules.Bytes())
    err = proxier.iptables.RestoreAll(proxier.iptablesData.Bytes(), utiliptables.NoFlushTables, utiliptables.RestoreCounters)
    if err != nil {
        ......
    }
</code></pre><p>&#x4EE5;&#x4E0A;&#x5C31;&#x662F;&#x5BF9; kube-proxy iptables &#x4EE3;&#x7406;&#x6A21;&#x5F0F;&#x6838;&#x5FC3;&#x6E90;&#x7801;&#x7684;&#x4E00;&#x4E2A;&#x8D70;&#x8BFB;&#x3002;</p>
<h3 id="&#x603B;&#x7ED3;"><a name="&#x603B;&#x7ED3;" class="anchor-navigation-ex-anchor" href="#&#x603B;&#x7ED3;"><i class="fa fa-link" aria-hidden="true"></i></a>&#x603B;&#x7ED3;</h3>
<p>&#x672C;&#x6587;&#x4E3B;&#x8981;&#x8BB2;&#x4E86; kube-proxy iptables &#x6A21;&#x5F0F;&#x7684;&#x5B9E;&#x73B0;&#xFF0C;&#x53EF;&#x4EE5;&#x770B;&#x5230;&#x5176;&#x4E2D;&#x7684; iptables &#x89C4;&#x5219;&#x662F;&#x76F8;&#x5F53;&#x590D;&#x6742;&#x7684;&#xFF0C;&#x5728;&#x5B9E;&#x9645;&#x73AF;&#x5883;&#x4E2D;&#x5C3D;&#x91CF;&#x6839;&#x636E;&#x5DF2;&#x6709;&#x670D;&#x52A1;&#x518D;&#x6765;&#x68B3;&#x7406;&#x6574;&#x4E2A; iptables &#x89C4;&#x5219;&#x94FE;&#x5C31;&#x6BD4;&#x8F83;&#x6E05;&#x695A;&#x4E86;&#xFF0C;&#x7B14;&#x8005;&#x5BF9;&#x4E8E; iptables &#x7684;&#x77E5;&#x8BC6;&#x4E5F;&#x662F;&#x73B0;&#x5B66;&#x7684;&#xFF0C;&#x6587;&#x4E2D;&#x5982;&#x6709;&#x4E0D;&#x5F53;&#x4E4B;&#x5904;&#x671B;&#x6307;&#x6B63;&#x3002;&#x4E0A;&#x9762;&#x5206;&#x6790;&#x5B8C;&#x4E86;&#x6574;&#x4E2A; iptables &#x6A21;&#x5F0F;&#x7684;&#x529F;&#x80FD;&#xFF0C;&#x4F46;&#x662F; iptable &#x5B58;&#x5728;&#x4E00;&#x4E9B;&#x6027;&#x80FD;&#x95EE;&#x9898;&#xFF0C;&#x6BD4;&#x5982;&#x6709;&#x89C4;&#x5219;&#x7EBF;&#x6027;&#x5339;&#x914D;&#x65F6;&#x5EF6;&#x3001;&#x89C4;&#x5219;&#x66F4;&#x65B0;&#x65F6;&#x5EF6;&#x3001;&#x53EF;&#x6269;&#x5C55;&#x6027;&#x5DEE;&#x7B49;&#xFF0C;&#x4E3A;&#x4E86;&#x89E3;&#x51B3;&#x8FD9;&#x4E9B;&#x95EE;&#x9898;&#x4E8E;&#x662F;&#x6709;&#x4E86; ipvs &#x6A21;&#x5F0F;&#xFF0C;&#x5728;&#x4E0B;&#x7BC7;&#x6587;&#x7AE0;&#x4E2D;&#x4F1A;&#x7EE7;&#x7EED;&#x4ECB;&#x7ECD; ipvs &#x6A21;&#x5F0F;&#x7684;&#x5B9E;&#x73B0;&#x3002;</p>
<p>Question&#xFF1A;</p>
<ol>
<li>iptables &#x4E2D;&#x7684;&#x8868;&#x548C;&#x94FE;&#x7684;&#x5173;&#x7CFB;</li>
<li>&#x5F53;&#x6211;&#x4EEC;&#x8BBF;&#x95EE;&#x4E00;&#x4E2A;svc IP&#x5730;&#x5740;&#x7684;&#x65F6;&#x5019; &#x5185;&#x6838;&#xFF0C; iptables&#xFF0C; &#x7F51;&#x5361;&#xFF0C; &#x7F51;&#x5173;&#xFF0C; &#x8DEF;&#x7531;&#x89C4;&#x5219; &#x90FD;&#x662F;&#x5982;&#x4F55;&#x534F;&#x540C;&#x5DE5;&#x4F5C;&#x7684;</li>
<li></li>
</ol>
<p>&#x53C2;&#x8003;&#xFF1A;</p>
<p><a href="https://www.jianshu.com/p/a978af8e5dd8" target="_blank">https://www.jianshu.com/p/a978af8e5dd8</a></p>
<p><a href="https://blog.csdn.net/ebay/article/details/52798074" target="_blank">https://blog.csdn.net/ebay/article/details/52798074</a></p>
<p><a href="https://blog.csdn.net/horsefoot/article/details/51249161" target="_blank">https://blog.csdn.net/horsefoot/article/details/51249161</a></p>
<p><a href="https://rootdeep.github.io/posts/kube-proxy-code-analysis/" target="_blank">https://rootdeep.github.io/posts/kube-proxy-code-analysis/</a></p>
<p><a href="https://www.cnblogs.com/charlieroro/p/9588019.html" target="_blank">https://www.cnblogs.com/charlieroro/p/9588019.html</a></p>
<footer class="page-footer"><span class="copyright">Copyright &#xA9; caixisheng 2017 all right reserved&#xFF0C;powered by Gitbook</span><span class="footer-modification">&#x8BE5;&#x6587;&#x4EF6;&#x4FEE;&#x8BA2;&#x65F6;&#x95F4;&#xFF1A;
2021-05-20 17:19:49
</span></footer> <link rel="stylesheet" type="text/css" href="https://storage.googleapis.com/app.klipse.tech/css/codemirror.css"> <script>     window.klipse_settings = {         selector: ".language-klipse, .lang-eval-clojure",         selector_eval_js: ".lang-eval-js",         selector_eval_python_client: ".lang-eval-python",         selector_eval_php: ".lang-eval-php",         selector_eval_scheme: ".lang-eval-scheme",         selector_eval_ruby: ".lang-eval-ruby",         selector_reagent: ".lang-reagent",        selector_google_charts: ".lang-google-chart",        selector_es2017: ".lang-eval-es2017",        selector_jsx: ".lang-eval-jsx",        selector_transpile_jsx: ".lang-transpile-jsx",        selector_render_jsx: ".lang-render-jsx",        selector_react: ".lang-react",        selector_eval_markdown: ".lang-render-markdown",        selector_eval_lambdaway: ".lang-render-lambdaway",        selector_eval_cpp: ".lang-eval-cpp",        selector_eval_html: ".lang-render-html",        selector_sql: ".lang-eval-sql",        selector_brainfuck: "lang-eval-brainfuck",        selector_js: ".lang-transpile-cljs"    }; </script> <script src="https://storage.googleapis.com/app.klipse.tech/plugin/js/klipse_plugin.js"></script>
                                
                                </section>
                            
    </div>
    <div class="search-results">
        <div class="has-results">
            
            <h1 class="search-results-title"><span class='search-results-count'></span> results matching "<span class='search-query'></span>"</h1>
            <ul class="search-results-list"></ul>
            
        </div>
        <div class="no-results">
            
            <h1 class="search-results-title">No results matching "<span class='search-query'></span>"</h1>
            
        </div>
    </div>
</div>

                        </div>
                    </div>
                
            </div>

            
                
                <a href="job.html" class="navigation navigation-prev " aria-label="Previous page: Job">
                    <i class="fa fa-angle-left"></i>
                </a>
                
                
                <a href="kube-proxy-ipvs.html" class="navigation navigation-next " aria-label="Next page: Kube Proxy Ipvs">
                    <i class="fa fa-angle-right"></i>
                </a>
                
            
        
    </div>

    <script>
        var gitbook = gitbook || [];
        gitbook.push(function() {
            gitbook.page.hasChanged({"page":{"title":"Kube Proxy Iptables","level":"1.9.4.4","depth":3,"next":{"title":"Kube Proxy Ipvs","level":"1.9.4.5","depth":3,"path":"blog/kubernetes/K8s源码/kube-proxy-ipvs.md","ref":"blog/kubernetes/K8s源码/kube-proxy-ipvs.md","articles":[]},"previous":{"title":"Job","level":"1.9.4.3","depth":3,"path":"blog/kubernetes/K8s源码/job.md","ref":"blog/kubernetes/K8s源码/job.md","articles":[]},"dir":"ltr"},"config":{"plugins":["summary","expandable-chapters","toggle-chapters","theme-comscore","-lunr","-search","-highlight","-livereload","search-plus@^0.0.11","simple-page-toc@^0.1.1","github@^2.0.0","github-buttons@2.1.0","edit-link@^2.0.2","disqus@^0.1.0","prism@^2.1.0","prism-themes@^0.0.2","advanced-emoji@^0.2.1","anchors@^0.7.1","include-codeblock@^3.0.2","emphasize@^1.1.0","katex@^1.1.3","splitter@^0.0.8","mermaid-gb3@2.1.0","tbfed-pagefooter@^0.0.1","expandable-chapters-small@^0.1.7","sectionx@^3.1.0","donate@^1.0.2","local-video@^1.0.1","anchor-navigation-ex@0.1.8","favicon@^0.0.2","3-ba@^0.9.0","terminal@^0.3.2","alerts@^0.2.0","include-csv@^0.1.0","puml@^1.0.1","musicxml@^1.0.2","klipse@^1.2.0","versions-select@^0.1.1","-sharing","sharing-plus@^0.0.2","graph@^0.1.0","chart@^0.2.0"],"root":".","styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"tbfed-pagefooter":{"copyright":"Copyright © caixisheng 2017","modify_label":"该文件修订时间：","modify_format":"YYYY-MM-DD HH:mm:ss"},"prism":{"css":["prism-themes/themes/prism-base16-ateliersulphurpool.light.css"]},"include-csv":{},"disqus":{"useIdentifier":false,"shortName":"gitbookuse"},"emphasize":{},"github":{"url":"https://github.com/xishengcai/xisheng.blog"},"puml":{},"simple-page-toc":{"maxDepth":3,"skipFirstH1":true},"summary":{},"splitter":{},"sharing-plus":{"qq":false,"all":["facebook","google","twitter","instapaper","linkedin","pocket","stumbleupon"],"douban":false,"facebook":true,"weibo":false,"instapaper":false,"whatsapp":false,"hatenaBookmark":false,"twitter":true,"messenger":false,"line":false,"vk":false,"pocket":true,"google":false,"viber":false,"stumbleupon":false,"qzone":false,"linkedin":false},"versions-select":{"type":"branches"},"graph":{},"donate":{"alipay":"https://cai-hello-1253732611.cos.ap-shanghai.myqcloud.com/share/zhifubao-pay.jpg","alipayText":"支付宝打赏","button":"赏","title":"","wechat":"https://cai-hello-1253732611.cos.ap-shanghai.myqcloud.com/share/weixin-pay.jpg","wechatText":"微信打赏"},"katex":{},"fontsettings":{"theme":"white","family":"sans","size":2},"musicxml":{},"sectionx":{"tag":"b"},"mermaid-gb3":{},"anchor-navigation-ex":{"isRewritePageTitle":false,"tocLevel1Icon":"fa fa-hand-o-right","tocLevel2Icon":"fa fa-hand-o-right","tocLevel3Icon":"fa fa-hand-o-right"},"favicon":{"shortcut":"favicon.ico","bookmark":"favicon.ico"},"theme-comscore":{},"prism-themes":{},"alerts":{},"github-buttons":{"repo":"xishengcai/xisheng.blog","types":["star"],"size":"small"},"3-ba":{"configuration":"auto","token":"ff100361cdce95dd4c8fb96b4009f7bc"},"expandable-chapters-small":{},"local-video":{},"klipse":{"myConfigKey":"it's the default value"},"advanced-emoji":{"embedEmojis":false},"include-codeblock":{"check":false,"edit":true,"fixlang":false,"lang":"","template":"ace","theme":"chrome","unindent":true},"sharing":{"qq":false,"all":["facebook","google","twitter","weibo","instapaper","linkedin","pocket","stumbleupon","qq","qzone"],"douban":false,"facebook":false,"weibo":true,"instapaper":false,"whatsapp":false,"hatenaBookmark":false,"twitter":false,"messenger":false,"line":false,"vk":false,"pocket":false,"google":true,"viber":false,"stumbleupon":false,"qzone":false,"linkedin":true},"terminal":{"copyButtons":true,"fade":false,"style":"flat"},"edit-link":{"label":"Edit This Page","base":"https://github.com/xishengcai/xisheng.blog/edit/master"},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":true},"anchors":{},"chart":{"type":"c3"},"toggle-chapters":{},"expandable-chapters":{},"search-plus":{}},"theme":"default","author":"xishengcai","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{},"title":"这是程序员吗","language":"zh-hans","output.name":"site","links":{"sidebar":{"Home":"https://xisheng.vip"}},"gitbook":"3.2.3","description":"这是程序员吗"},"file":{"path":"blog/kubernetes/K8s源码/kube-proxy-iptables.md","mtime":"2021-05-20T09:19:49.286Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2021-06-23T07:51:54.455Z"},"basePath":"../../..","book":{"language":""}});
        });
    </script>
</div>

        
    
    <script src="../../../gitbook/gitbook.js"></script>
    <script src="../../../gitbook/theme.js"></script>
    
        
        <script src="../../../gitbook/gitbook-plugin-expandable-chapters/expandable-chapters.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-toggle-chapters/toggle.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-search-plus/jquery.mark.min.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-search-plus/search.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-github/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-github-buttons/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-edit-link/plugin.js"></script>
        
    
        
        <script src="https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.16.1/URI.min.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-disqus/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-splitter/splitter.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-mermaid-gb3/book/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-expandable-chapters-small/expandable-chapters-small.js"></script>
        
    
        
        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-sectionx/sectionx.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-donate/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-local-video/video.min.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-3-ba/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-terminal/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-alerts/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-musicxml/osmd.min.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-musicxml/musicxml.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-musicxml/promise.min.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-versions-select/plugin.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-sharing-plus/buttons.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-fontsettings/fontsettings.js"></script>
        
    
        
        <script src="../../../gitbook/gitbook-plugin-theme-comscore/test.js"></script>
        
    

    <script src="../../../gitbook/gitbook-plugin-mermaid-gb3/mermaid/mermaid.min.js"></script>

    </body>
</html>

